Administration | Gatekeeper Admin Tool

The Gatekeeper Admin Tool provides an overview of the installed components and can be used to manage the system-wide configuration settings created during installation.

Gatekeeper

The following settings can be configured from the Gatekeeper tab.

Change proxy settings

If your organization is using a forward proxy server to route internet traffic externally, you will need to configure the proxy server to allow the Gatekeeper to reach the internet. Click Edit on the Proxy row and specify the address as a complete URL, including the protocol and any custom port.

Note: You can also specify proxy settings for accessing Gatekeepers from the top corner of the Admin Tool.

Update useful links

Click Update to refresh the list of useful links.

Active Directory Settings

The following settings can be configured from the Active Directory Settings tab.

Edit the scope of management

The Active Directory scope determines which users can use the Specops Key Recovery service.

  1. On the Gatekeeper Admin Tool, click Active Directory Settings.
  2. Find the row where the current Active Directory scope is displayed, and click Edit.
  3. Select the desired Active Directory scope, and click Add. Multiple locations can be selected if you want multiple scopes of management.
  4. Click OK.

Add/remove members to security groups

You can add additional members to the Admin, User admin, and Gatekeepers group. Users that are members of the Admin group are portal administrators on the Specops Authentication web. Users that are members of the User Admin group are able to access the user management features on the Specops Authentication web. Users that are members of the Gatekeepers group have permission to read user information.

  1. On the Gatekeeper Admin Tool, click Active Directory Settings.
  2. Find the security group you want to edit, and click Edit members.
  3. To add a member, click Add member, and enter the name of the user or group you want to add.
  4. To remove a member, select a member from the Group members list, and click Remove selected member.
  5. Click OK.

Specify preferred Domain Controller

By default, Specops Authentication will use the closest available Domain Controller. Click Change to specify the preferred Domain Controller.

Edit the user search settings

You can configure the following search settings on the User Management pages on the Specops Authentication web.

  • Search attributes: Specify the AD attributes to search from the User Management pages on the Specops Authentication web. If the field is not set, the default will be ambiguous name resolution (aNR), a consolidation of some common attributes on the user object. For more details about aNR, click here. To use aNR and a custom attribute, you will need to include aNR in a comma separated list of attributes to search.
  • Additional result attributes: Specify additional attributes in the search results.
  • Custom result limit: Specify the maximum number of results retrieved when searching for users.
Key Recovery

From the Key Recovery tab, you can:

  • Test the Specops Key Recovery Gatekeeper connection status
  • Tag the GPOs you want to use with Specops Key Recovery
  • Update the useful links when changes are made

Test the Specops Key Recovery Gatekeeper connection

  1. On the Gatekeeper Admin Tool, click Key Recovery.
  2. In the Key Recovery Connection Status section, click Test Connection.
  3. If the connection is successful, you will see OK.

Manage Key Recovery GPOs

You can tag the GPOs you want to use with Specops Key Recovery. Affected users can manage encryption device key recoveries.

  1. On the Gatekeeper Admin Tool, click Key Recovery.
  2. Click Tag GPOs, select the Group Policy, and click OK.

Update useful links

Click Update to refresh the list of useful links.