The following settings can be configured from the
Active Directory Settings tab.
Edit the scope of management
The Active Directory scope determines which users can use the Specops
Authentication service.
-
On the Gatekeeper Admin Tool
, click
Active Directory Settings.
-
Find the row where the current Active Directory scope is displayed,
and click Edit.
-
Select the desired Active Directory scope, and click
Add. Multiple locations can be selected if you want multiple
scopes of management.
- Click OK.
Enable password resets
in
Specops Authentication
You can enable the
uReset and Secure Service Desk
features in
Specops Authentication.
For uReset enable end-users to
address common tasks related to password management, including forgotten
passwords. This feature is locked unless you have
uReset
as a part of your
subscription. For Secure Service Desk this enables the administration of users in Secure Service Desk. This feature is locked unless you have
Secure Service Desk
as a part of your
subscription.
-
In the Gatekeeper Admin Tool, click
Active Directory Settings.
-
In the Active Directory Settings section,
click Change in the Allow password resets row.
-
Select one of the following options when enabling the password reset
feature:
-
Standard Security Mode: All users that are members of the Specops
Authentication Service Desk Agents group will be able to reset
passwords for other users.
-
Delegated Security Mode: The access control for resetting
passwords for other users is based on the actual security
configuration (‘reset password’ permission) in Active Directory.
- Click OK.
Add/remove members to security groups
You can add additional members to the Admin, User admin, Gatekeepers, and Reporting Readers
groups. Users that are members of the Admin group are portal
administrator on the
Specops Authentication Web
. Users that are
members of the User Admin group are able to access the user management
features on the Specops Authentication Web
.
Users that are members of the Gatekeepers group have permission to read
user information.
-
On the Gatekeeper Admin Tool
, click
Active Directory Settings.
-
Find the security group you want to edit, and click
Edit members.
-
To add a member, click Add member, and enter the name of the
user or group you want to add, then click OK.
-
To remove a member, select a member from the Group members list, and
click Remove selected member, then click OK.
- Click OK.
Reporting Readers group
Members of the Reporting Readers security group in the Gatekeeper Admin Tool can log in to Specops Authentication Web to view reports. Unless they are also members of other security groups, they will not see any other sections in Specops Authentication Web.
Members in this group will be able to see all reports related to the account. You cannot filter which reports are visible or not.
Specify preferred Domain Controller
By default, Specops Authentication
will use
the closest available Domain Controller. Click Change to specify
the preferred Domain Controller.