Search Results

Description The custom objects are the objects created by the administrator to extend the Soffid underlying data model. This allows you to store additional information that is not natively supported by Soffid.  This option allows administrator users to provi...

Definition Soffid provides an easy to use mechanism to translate references or external codes into internal codes. For example, the HHRR application could be using a diferent coding scheme for business units. To deal with this data mismatch, users can extend...

Definition Soffid allows you to define rules to detect commands executed on a server. When a user launches a command defined on a rule, Soffid will detect it. To use those rules you need to define the PAM policies. For more information, you can visit the PAM...

Description An account is the way an user is presented on a target system.  There can be user accounts as well as system-purpose accounts. An account belongs to a system and that account can have specific permissions assigned to it. An account must have defi...

Description A process is a series of actions, connected by transitions. An action could be either an automatic action or a manual task. Soffid console is concerned about task delegation and workflow management. Any user is able to create new processes or any...

Description Soffid agents are the tool that allows the connection between the Soffid console and the target systems. To establish the connection with target systems, Soffid provides a large number of connectors that will be able to set up into the Soffid cons...

How to access? For domain member hosts, ESSO will remove all existing local accounts except for those with a dependand service. So, in order to access with administrator privileges, user must use a domain account with local administrator privilege, or either ...

Definition Soffid allows you to customize the configuration of some attributes of the Console, Syncserver, connectors and add-ons. There are several types of parameters. Informative parameters, such as the versions of internal components of Soffid. Param...

Description Information systems are the systems that Soffid will protect granting and revoking roles. Each role and entry point is bound to an information system. The information system can be created hierarchically. These information systems are managed in ...

Description Soffid allows you to create roles to specify permissions that can be assigned to a user, a group, or an account. These permissions determine what operations are allowed on a resource. You can use roles to delegate access to users, applications, or...

Definition Privileged Access Management (PAM) policies are a set of guidelines and controls that dictate how privileged access is granted, managed, and audited within an organization. Soffid allows you to define policies, those policies can be made up of sev...

Description Groups are a convenient way to apply policies to a collection of users. Groups allow administrator users to specify permission for multiple users in a quick and easy way. Groups are managed in a hierarchical way. A user can belong to a group, and ...

Description After defining the attributes to publish, it’s required to write a policy that defines which attributes will be allowed to share with each service provider. Soffid allows you to define security rules that apply to any attribute that should be del...

Description The attribute definition page displays all the auto-generated user attributes. Those attributes will be the attributes to deliver from the identity providers to the service providers depending on the defined rules. Soffid has a default implementa...

Description Companies are organized in different business units, departments or workgroups. In Soffid, they all are named as groups. These group can be categorized by a group type. Group types can be used in the definition of Holder Groups. Some roles can ...

Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ...

You can consult the list of Soffid attributes: User Object Account Object Group Object Role Object Grant Object Maillist Object Membership Object dispatcherService Authoritative change object User object A user objects are maps that hold the...

Introduction Active Directory Back Channel refers to a mechanism that allows Soffid to synchronize user information with an external Active Directory (AD) server in real-time or near real-time (Password synchronizer). This synchronization ensures that both So...

Description Operators can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as the IP address is. Soffid supports both static and dynamic IP assignments. Anyway, stati...

Definition Soffid could use different kinds of external authentication sources. These mechanisms could be selectively enabled or disabled. Screen overview Standard attributes Global status Soffid server host name Enforce TLS connections t...