A user configuration is a unique collection of settings, password policies, and applications that you apply to users associated with an Active Directory hierarchy (organizational unit or an individual user) or Active Directory group (except for distribution groups and Domain Local groups in Active Directory mixed mode, which are not supported). A user configuration enables you to control the behavior and appearance of the plug-in software for users.
User configurations set your user information, application definitions, password policies, and identity verification methods. You must also specify license information (license server and license type) in each user configuration. Therefore, your users cannot use the plug-in software until you establish their user configuration settings.
Before you create your user configurations, ensure that you already created or defined the following:
- Your central store
- Optional service modules
- Application definitions
- Password policies
- Security questions (optional)
User configurations consist of the following:
- Users associated with an Active Directory domain hierarchy (organizational unit or individual user) or group.
- Data protection methods.
- Application definitions you created, which you can combine into an application group when you create a user configuration.
- Password policies associated with any application groups. (While creating a user configuration, you can create one or more application groups to associate with a user configuration. You can also add an application group to a user configuration after you create the user configuration.)
- Self-service features (account unlock and password reset) and key management options (use of previous passwords, security questions you create for your users, and automatic key management).
- Settings for options such as Hot Desktop, credential provisioning, and application support.
Associating user configurations to groups is supported only in Active Directory domains that use Active Directory authentication.
Consider the following when planning your Single Sign-on Plug-in user environment: