HP Identity Driven Manager Software Series User Manual
Page 59
2-37
Getting Started
User Session Information
1.
The Configuration Deployment option is used to automatically deploy
IDM configuration settings (Access Profiles, Locations, Times, Network
Resources) to the IDM agent. The default preference is to allow automatic
configuration deployment.
Click to select the
Disable automatic deploy to IDM agents option if you do
not want to use automatic IDM configuration deployment.
If you "disable" the Configuration Deployment option. in order for IDM
configuration changes to take affect you will need to manually deploy the
configuration to the IDM agent(s).
2.
The Wireless Settings option is used to allow configuration of Identity
Management features for select ProCurve wireless devices. The default
preference has the
Enable enhanced wireless support option selected.
When this option is deselected (no check mark), wireless configuration
options will not be visible and will not be applicable in rule evaluation
3.
To enable Endpoint integrity, check the
Enable Endpoint Integrity checkbox.
This will enable the Endpoint Integrity option in the Access Rules defini-
tions, and you can configure an Access Rule with one of the Endpoint
Integrity options (Pass, Fail or ANY). When you enable Endpoint Integrity
and set the attribute in a Global Access Rule or Access Policy Group rule,
the IDM agent will look for the RADIUS attribute in the supplicant’s
authentication request and act accordingly, applying the defined access
rule based on the endpoint integrity system response.
4.
To collect information about user logins and logouts, check the
Enable
User session accounting checkbox. This box must be checked if you want
to collect data for user logins and bandwidth usage, which is used for the
Bandwidth and User reports.
5.
To generate user session start and stop events and display them in the IDM
Events list, check the
Generate Session Start and Stop Events box. This
option does not affect accounting or collection of session history and
statistical information. Turning this option off will reduce the load on your
IDM server and the GUI by eliminating two-thirds of the events created
for every user login and logout.
6.
To reset all session accounting information whenever the server is
restarted, check the
Reset accounting statistics when the management server
starts box. When this option is selected, IDM closes any open sessions and
resets the RADIUS Server totals to zero when the server restarts.
If the status of users—logged on or off—seems incorrect, it is possible
that the session accounting is out of sync. Use the
Reset accounting
statistics option to correct the problem. This immediately closes any open
sessions (this has no effect on the user, only on the IDM accounting), and
resets user login counts on the RADIUS server to zero.