ESSO
Definition
Here is an explanation about how to configure the ESSO profile.profile by using Soffid as Identity Provider.
Please note that the profile parameters will be automatically updated on the PCs.
Screen overview
Standard attributes
- Class: class name (readOnly field).
- Enabled: if it is checked (selected option is Yes) that protocol will be enabled.
- Soffid main agent: main agent to check the user account.
- Seconds to send keep alive from desktop to server:
- Timeout to close sessions:
- Enable Windows credential provider: if it is checked (selected option is Yes), the soffid logo will be displayed.
- Display last logged-on user: if it is checked (selected option is Yes), the last logged-on user will be displayed.
- Create local accounts when there is no domain account: if checked (the selected option is Yes) and the account does not exist in the main Soffid agent, the account is created as a local machine user.
- Maximum number of consecutive days to allow an off-line logon: the maximum value is 30 days.
- Enforce ESSO session when desktop gets on-line: if it is checked (selected option is Yes), the authentication is forced when the connection is retrieved
- Enforce ESSO sessions: if it is checked (selected option is Yes), performs authentication against the Windows domain without logging into Soffid.
- Let the user close the ESSO session:
- Allow quickly (and insecure) switch between users: if it is checked (selected option is Yes),
- Hostname format
Configuration
Once you have configured the Esso profile you must add an Adaptive authentication rule.
For more information, visit the Condition for Adaptive authentication page.