System Security Defaults
This page describes the altered functionality of the System Security Defaults form.
Prerequisites:
- The Enable myAvatar Identity Manager registry setting must be set to Y or L.
Identity Manager Settings Section
Use this section to set the myAvatar Identity Manager server address and configure how the parent product communicates with the myAvatar Identity Manager server.
- Go to: RADplus Utilities > System Administration > System Security
- In the Identity Manager Server Platform field, enter the operating system that the Identity Manager server is running.
  Note: Windows Server 2003 and greater is supported for Windows operating systems.
- In the Identity Manager Server Name field, enter the Identity Manager server host name.
  Note: Do not enter an IP address in this field. IP addresses are used with the Identity Manager Domain to put together the fully qualified domain name (FQDN).
- In the Identity Manager Port Number field, enter the Identity Manager server communication port.
- In the Identity Manager Domain field, enter the Identity Manager server domain.
- In the Use TLS/SSL field:
  Select Yes to use TLS (Transport Layer Security)/SSL (Secure Sockets Layer) encryption.
  Note: If Yes is selected, a TLS/SSL certificate must be installed on the Cache database server.
  Select No to bypass this function.
  - For Windows systems, the certificate must be installed in the Windows certificate database.
  - For Unix and Linux systems, the certificate must be copied to a directory that Cache and myAvatar have access to. The filename and path must be entered in the TLS/SSL Certificate File Name/Path field.
    Note: Solaris and AIX platforms do not support TLS/SSL.
- In the TLS/SSL Certificate File Name/Path field, enter the file name and path of the TLS/SSL certificate file. This field is required if the Cache database server is running the Unix or Linux operating system.
- In the Admin Username field, enter the Identity Manager system administrator name. This is a user who has access to the Identity Manager. This entry must consist of letters and numbers only; special characters are not permitted.
- In the Admin Password field, enter the Identity Manager system administrator password. The password displays as asterisks (*).
  Note: This entry must consist of letters and numbers only; special characters are not permitted.
- In the Admin DN field, enter the fully qualified distinguished name (DN) of the Identity Manager system administrator from the Admin Username field. Each entry uses a distinguished name (DN) to identify it uniquely. A DN is made up of "attribute=value" pairs separated by commas.
  For example, "cn=adminread,ou=avusers,dc=internal,dc=com".
- In the Identity Manager Base DN field, enter the Identity Manager server's base distinguished name.
- In the Identity Manager User ID Attribute field, enter the Identity Manager user ID attribute. This is the attribute of the myAvatar Identity Manager server that will become the myAvatar User ID. Most Windows Active Directory servers use "sAMAccountName" by default.
- In the Identity Manager User Description Attribute field, enter a unique identifier that the Identity Manager will use to describe network users, for example the user's full name. This is the attribute that will become the myAvatar User description.
- Select Test Identity Manager Connectivity to test the connection to the Identity Manager server.
  A message displays if:
  - The application has successfully connected to the Identity Manager server and has retrieved test information.
  - The server cannot connect.
  - The Identity Manager system administrator cannot be authenticated by the myAvatar Identity Manager server.
- In the Automatically Update Identity Manager Users field, select whether or not the system should deactivate any Identity Manager users in myAvatar who are inactive on the Identity Manager server. This update process is configured to run at different times for different system codes.
- In the Daily Update Time field, enter the start time of the automatic user updating process.
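The field rules in this section can be checked before the values are typed into the form. The following is an added example, not part of the product or its documentation: the dictionary keys, the sample values and the function names are hypothetical, and only the Admin DN string comes from the example on this page.

```python
import ipaddress
import re

ALNUM = re.compile(r"[A-Za-z0-9]+")

def parse_dn(dn):
    """Split a DN into (attribute, value) pairs on commas that are not backslash-escaped."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"not an attribute=value pair: {rdn!r}")
        pairs.append((attr.strip(), value.strip()))
    return pairs

def check_settings(s):
    """Return (fqdn, problems) for a dict of form values; the keys are hypothetical."""
    problems = []
    try:
        ipaddress.ip_address(s["server_name"])
        problems.append("Server Name: enter a host name, not an IP address")
    except ValueError:
        pass  # not an IP literal, which is what the form expects
    if not (str(s["port"]).isdigit() and 1 <= int(s["port"]) <= 65535):
        problems.append("Port Number: not a port in the range 1-65535")
    for key in ("admin_username", "admin_password"):
        if not ALNUM.fullmatch(s[key]):
            problems.append(f"{key}: letters and numbers only")
    for key in ("admin_dn", "base_dn"):
        try:
            parse_dn(s[key])
        except ValueError as exc:
            problems.append(f"{key}: {exc}")
    # The certificate path is required when TLS is on and the Cache server runs Unix or Linux.
    needs_path = s["use_tls"] and s["cache_server_os"].lower() in ("unix", "linux")
    if needs_path and not s["cert_path"]:
        problems.append("TLS/SSL Certificate File Name/Path: required on Unix/Linux")
    return f'{s["server_name"]}.{s["domain"]}', problems

# Constructed sample values with three deliberate mistakes (password, base DN, missing path).
SAMPLE = {
    "server_name": "idm01", "domain": "internal.com", "port": "636",
    "use_tls": True, "cache_server_os": "Linux", "cert_path": "",
    "admin_username": "adminread", "admin_password": "Passw0rd!",
    "admin_dn": "cn=adminread,ou=avusers,dc=internal,dc=com",
    "base_dn": "dc=internal,com",
}

if __name__ == "__main__":
    print(check_settings(SAMPLE))
```

The first element returned is the FQDN assembled from the Server Name and Domain values; the second is the list of rule violations.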
Identity Manager Demographics section
Use this section to map connections between Identity Manager demographic property names and the associated parent product demographic fields.
- The Identity Manager Demographics field displays the parent product's demographic fields and the associated Identity Manager property names.
- In the Demographic Field, select the demographic field from the list.
  Note: Fields for the Supplemental section of the User Definition form are available for mapping to Identity Manager attributes.
- In the Identity Manager Attribute field, enter the Identity Manager property name that will be used to identify the demographic field.
  Note: These entries must be exact matches to the attributes that were defined on the myAvatar Identity Manager server.
- Select Link Fields to link the demographic field to the Identity Manager property field.
  Note: The linked demographic attributes display in the Identity Manager Demographics field.
- Select Unlink Fields to remove the link between the Identity Manager property and the demographic field.
  Note: The demographic attribute link is removed from the Identity Manager Demographics field.
