Search Results

Definition Password domain Is a logical way of grouping managed systems that are sharing the same password for each account. If the administrator chooses to have the same password for every system, only one password domain should exist. If the administrator ...

Introduction The TLS protection of Soffid IAM Console is applied through the configuration of the Apache TomEE embedded in the installation. This solution is running under java technology therefore we need a jks file (Java Key Store) or a PKCS#12 file with t...

Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ...

Description The access log page allows querying all the information about the opened sessions.  Note that any session that was active during the specified date will be shown, even when it started before of finished after that date. Screen overview Cust...

What is Soffid Break glass? It refers to a mechanism that allows users to gain emergency access to critical systems or information under exceptional circumstances when normal access procedures are not viable.  Break glass is a crucial component of security a...

Installation Download Please download the Soffid Break glass add-on. You could download it at the following link http://www.soffid.com/download/enterprise/ if you have a Soffid user with authorization, or in the following http://download.soffid.com/download...

Definition Break glass is the mechanism that allows users to gain emergency access to critical systems or information under exceptional circumstances when normal access procedures are not viable.  For more information you can visit the  Break Glass book. Sc...

Intallation Execute the Store YAML version: '2' services: breakglass: image: eu.gcr.io/soffid-cloud/breakglass:1.0.3 environment: JAVA_KEYSTORE: /opt/soffid/tomee/certificados/breakglass.jks KEYSTORE_PASS: <YOUR_KEYSTORE_PASS> ...

If your system is working fine A window like this will be displayed: If your system is broken You could use Soffid break glass  tool: 1.  First of all, browse to your  Soffid break glass tool URL 2.  Soffid break glass tool offer you two options Br...

Configuration Once you have installed the Break glass addon and Break glass tool, you must configure this tool Steps Break-glass recovery configuration 1.  First of all, you need to configure the Break glass recovery. To do this, you need to browse to  Bre...

The purpose of this tutorial is to show how to install Jump servers and configure PAM using Kubernetes, to use critical resources without knowing the password required. Jump Server A jump server, jump host or jump box is a system on a network used to acces...

Installation Download Please download the Soffid Federation add-on. You could download it at the following link http://www.soffid.com/download/enterprise/ if you have a Soffid user with authorization, or in the following http://download.soffid.com/download/...

Definition Soffid includes Digital certificate functionality as a security enhancement. You could add new Digital certificates, internal or external. If you select the external certificate, you could add a valid certificate to Soffid; If you select the intern...

The purpose of this tutorial is to show how to install Jump servers and configure PAM using Dockers, to use critical resources without knowing the password required. Jump Server A jump server, jump host or jump box is a system on a network used to access a...

When making any manual changes to the Sync server configuration files, it will be necessary to copy these changes to the Kubernetes secrets. Command example:  java -cp "/opt/soffid/iam-sync/bin/bootstrap.jar" com.soffid.iam.sync.bootstrap.KubernetesSaver ...

When you install soffid Sync server in kubernetes, a properties file is generated. If this file is not saved in a permanent storage, it could be lost during the Syns Server upgrade process. Here you are the steps to copy your Kube config to a data base table ...

Step-by-step To enable the kerberos authentication method, the identity provider must have a keytab file that enables it to authenticate users. The steps to get it are described below: 1. First of all, you need to create a net user. You can use the old-fashi...

Description A profile is a protocol or subset of protocols implemented by the Identity Provider. There are some accepted protocols, those allows a custom config dependent on the selected profile. The accepted protocols are the following: 1. OpenIDProfile 2...

Introduction Soffid ESSO is a full Enterprise Single Sign on solution. Here you can find the details about the ESSO from 3.3.3-enterprise to 3.4.3-enterprise  iversions nstallation. Supported platforms Soffid ESSO supports Windows XP or later workstations....

Introduction KojiKabuto.exe, the main Soffid ESSO component, picks settings and rules automatically from Soffid synchronization server at login. This configuration can be updated by running the command "KojiKabuto update". Once run, new rules will apply to al...