Configuring settings for BMC Helix SSO administrators
As a tenant administrator, you can configure settings such as for BMC Helix SSO administrators.
To configure the maximum session time for administrators
- In the BMC Helix SSO Admin Console, select General > Basic.
In the Max Admin Session Time field, set the time after which the admin session expires.
When this value is selected, time constraints are automatically enforced. By default, one hour is set.
Important
The minimum value is 1 minute, and the maximum value is 1 year.
Click Save.
To enable the lockout functionality for BMC Helix SSO administrators
By default, the account lockout functionality is disabled for the BMC Helix SSO Admin Console. You can set the number of login attempts for BMC Helix SSO administrator accounts before the accounts get locked out.
- In the BMC Helix SSO Admin Console, select General > Basic.
- In the Admin Lockout Threshold field, enter the number of login attempts for administrators.
By default, the value is set to 0.
To disable interactive self-help for administrators in the BMC Helix SSO Admin Console
By default, the interactive self-help is enabled for BMC Helix SSO. The Self-Help menu is displayed on the right of any page in the BMC Helix SSO Admin Console. Click the Self-Help menu to view the available options, and then follow the instructions displayed on the screen to perform a desired action.
You can disable the self-help from being displayed in the BMC Helix SSO Admin Console.
- In the BMC Helix SSO Admin Console, select General > Basic.
- Clear the Enable Interactive Help check box.
- Click Save.
- To apply the changes, log out from the BMC Helix SSO Admin Console, and log in again.
To enable audit records on the BMC Helix SSO server
By default, audit is disabled for both administrator and end-user actions. You can enable audit records on the BMC Helix SSO server. The following screenshot shows the Audit section in the BMC Helix SSO Admin Console:
- In the BMC Helix SSO Admin Console, select General > Advanced.
- In the Audit section, select the appropriate option:
- To enable audit records for administrator actions, select the Admin events check box.
- To enable audit records for end-user actions, select the End-user events check box. - Click Save.
When you enable audit logging, the Audit tab in the BMC Helix SSO Admin Console displays all actions performed by the administrator, end user, or both. By default, the Audit tab shows all logged administrator, end-user actions, or actions of both for the last day. You can get audit actions for a certain date and one session. For more information, see Reviewing audit records.
To update the retention policy
By default, all logged audit actions are stored in the database for the last 120 days. You can change the number of days in the Retention policy field only if you have the administrator rights and enable administrator events audit or end-user events audit. The Retention policy option is enabled by default.
Important
The Retention policy option is available only for the SaaS tenant. To enable the Retention policy option, you must select the Admin events or End-user events check box, or both.
To change the number of days for logging audit records in the database, perform one or more of the following actions:
| Task | Steps to perform |
|---|---|
To configure the retention policy for audit logs |
|
To disable the retention policy |
|
To delete old audit logs |
|
Comments
Log in or register to comment.