Administration | Gatekeeper Admin Tool

The Gatekeeper Admin Tool provides an overview of the installed components and can be used to manage the system wide configuration settings created during installation.

Gatekeeper

The following settings can be configured from the Gatekeeper tab.

Upgrade Gatekeeper Admin Tool

For more information on upgrading to the latest version of Specops Authentication, click here.

Change proxy settings

If your organization is using a forward proxy server to route internet traffic externally, you will need to configure the proxy server to allow the Gatekeeper to reach the internet. Click Edit on the Proxy row and specify the address as a complete URL, including the protocol and any custom port.

Note: You can also specify proxy settings for accessing Gatekeepers from the top corner of the Admin Tool.

Update useful links

Click Update to refresh the list of useful links.

Active Directory Settings

The following settings can be configured from the Active Directory Settings tab.

Edit the scope of management

The Active Directory scope determines which users can use the Specops Authentication service.

  1. On the Gatekeeper Admin Tool, click Active Directory Settings.
  2. Find the row where the current Active Directory scope is displayed, and click Edit.
  3. Select the desired Active Directory scope, and click Add. Multiple locations can be selected if you want multiple scopes of management.
  4. Click OK.

Add/remove members to security groups

You can add additional members to the Admin, User admin, and Gatekeepers group. Users that are members of the Admin group are portal administrator on the Specops Authentication web. Users that are members of the User Admin group are able to access the user management features on the Specops Authentication web. Users that are members of the Gatekeepers group have permission to read user information.

  1. On the Gatekeeper Admin Tool, click Active Directory Settings.
  2. Find the security group you want to edit, and click Edit members.
  3. To add a member, click Add member, and enter the name of the user or group you want to add.
  4. To remove a member, select a member from the Group members list, and click Remove selected member.
  5. Click OK.

Specify preferred Domain Controller

By default, Specops Authentication will use the closest available Domain Controller. Click Change to specify the preferred Domain Controller.

Edit the user search settings

You can configure the following search settings on the User Management pages on the Specops Authentication web.

  • Search attributes: Specify the AD attributes to search from the User Management pages on the Specops Authentication web. If the field is not set, the default will be ambiguous name resolution (aNR), a consolidation of some common attributes on the user object. For more details about aNR, click here. To use aNR and a custom attribute, you will need to include aNR in a comma separated list of attributes to search.
  • Additional result attributes: Specify additional attributes in the search results.
  • Custom result limit: Specify the maximum number of results retrieved when searching for users.
uReset

The following settings can be configured from the uReset tab.

Enable uReset in Specops Authentication

You can enable the uReset feature in Specops Authentication and enable end-users to address common tasks related to password management, including forgotten passwords. This feature is locked unless you have uReset as a part of your subscription.

  1. On the Gatekeeper Admin, click uReset.
  2. On the uReset feature, click Change.
  3. Select one of the following options when enabling the password reset feature:
    • Standard Security Mode: All users that are members of the Specops Authentication Administrators group will be able to reset passwords for other users.
    • Delegated Security Mode: The access control for resetting passwords for other users is based on the actual security configuration (‘reset password’ permission) in Active Directory.
  4. Click OK.

Manage uReset GPOs

You can tag the GPOs you want to use with the Specops uReset feature on Specops Authentication. Affected users can manage password resets and changes with Specops uReset.

  1. On the Gatekeeper Admin Tool, click uReset.
  2. Click Tag GPOs, select the Group Policy, and click OK.

Manage end-user notifications in uReset

The notification settings affect the Specops Authentication Client, an optional component installed on workstations, which can notify users if they required to enroll in the system. The type of reminders you want your users to receive, and how often they should receive them, can be configured as well.

  1. On the Gatekeeper Admin Tool, click uReset.
  2. Find uReset settings GPO, and click New.
  3. Select a GPO, and click OK.
  4. In the Status check interval field, configure how often the Specops Authentication Client check the user’s enrollment status. A user that has not enrolled with Specops Authentication will receive an enrollment reminder.

Note: If Specops Password Policy is also used, this setting also configures how often user’s password is checked for expiration.

  1. You can configure the reminder to appear during user logon and at regular intervals during the day, or only during user logon, or only during a periodic interval. Alternatively, you can turn off the reminders.

Note: When to show enrollment reminder does not affect the password expiration reminder.

  1. In the enrollment reminder mode settings, select one of the following options:
  • Balloon tip in the notification area: Clicking the reminder will take the user directly to the enrollment web page.
  • Start browser: The reminder opens a browser window with the enrollment web page.
  • Start unclosable fullscreen browser: The reminder opens a full screen browser window with the enrollment web page which cannot be closed until the enrollment has been completed.

Reset password link update

Click Update to refresh the list of useful links

Office 365

From the Office 365 tab you can tag the GPOs you want to use with Specops Authentication. Affected users can have their authentication, provisioning, and licensing settings configured from the Specops Authentication web. Alternatively, if you want Specops Authentication to be applied to the scope selected during the Gatekeeper installation, skip this step, and select Cloud in the last step when configuring Specops Authentication with O365.

  1. On the Gatekeeper Admin Tool, click Office 365.
  2. Click Tag GPOs, select the Group Policy, and click OK.

Update useful links

Click Update to refresh the list of useful links.

  • Was this Helpful ?
  • Yes   No