Chapter 7: Using the SafeWord 2008 Management Console
Managing users
144
Defining privileges for helpdesk staff
Helpdesk staff users are able to offer first tier support to your users. A helpdesk
staff user should be given enough privileges to handle most of the
authentication problems that your users may encounter. Figure 90 displays the
privilege selections available for helpdesk staff.
Figure 90:
Helpdesk
staff privilege settings
12
Ensure that
Helpdesk staff
is selected under Administrative Level. Then
choose from the following privileges.
•
Remove software/hardware authenticators:
allows this user to remove
software and hardware authenticators from a user record. For example, a
helpdesk user will be able to remove a user’s hardware token if a user
reports that his hardware token has been stolen or destroyed. Clicking this
option will check and disable the Temporarily disable/enable hardware
authenticators option.
•
Temporarily disable/enable hardware authenticators:
allows authenticators
to be disabled or enabled by helpdesk staff. For example, helpdesk staff will
be able to temporarily disable a user’s hardware token if that token has
been lost or forgotten for a period of time.
•
Add/Remove/Change fixed passwords:
allows helpdesk staff to remove
old, compromised, or unneeded fixed passwords from a user record.
Helpdesk staff will be able to grant and remove temporary emergency
passwords for users who have lost their hardware tokens. Clicking this
option will check and disable the Change existing fixed password option.
•
Change existing passwords:
allows helpdesk staff to change user’s
existing passwords.
•
Add/Remove/Change SoftPINs:
allows helpdesk staff to add, delete, or
remove SoftPINs from a user record. Helpdesk staff will be able to allow a
user to secure his token with a SoftPIN. Clicking this option will check and
disable the Change existing SoftPIN option.