WinConsole – Visual-Guard

1. Introduction

Visual Guard is a comprehensive identity and access management solution that offers a unified approach to application security. It seamlessly integrates four major access control features into a single solution:

Authentication: This feature verifies the identity of end users accessing an application. Visual Guard supports username/password authentication and can also utilize Windows accounts stored in Active Directory. Under specific conditions, you can even integrate your own authentication system, allowing Visual Guard to focus solely on authorization.
Identity Management: Visual Guard offers robust administration consoles designed for both developers and non-technical administrators. These consoles facilitate efficient management of user accounts and groups.
Authorization: This feature defines the permissions of end users within an application, specifying what actions they can perform. Visual Guard allows you to centralize the permissions for all your applications in a single repository, simplifying access control management.
Audit & Reporting: Visual Guard provides robust auditing capabilities, enabling you to monitor events in both the secured application and Visual Guard tools. It allows for customization of the application log and can generate PDF reports for auditing purposes.

Visual Guard supports any technology capable of HTTP Request, including .Net, Java, C++, PowerBuilder, and more. This makes it a versatile solution that can be integrated into any new or existing applications. By centralizing the security of multiple applications in one repository, Visual Guard provides a streamlined and efficient approach to managing application security.

1.1 Visual Guard Console UI

The Visual Guard Win console is the interface through which you can manage the security information of your application.

The console is a development tool, where developers can create and manage all the security data: repositories, permissions, permission sets, user accounts, roles, etc.

It is an Identity management tool, where user administrators can manage user accounts, user groups, password, password policy, grant roles, etc

It is an Audit tool which allows auditors to generate reports and review the log of your applications.

Please Note:

The identity management features can also be performed in the Web Console. Please refer to the VG Web Console documentation for more information.
A large range of the features of the winconsole can be accessed through the VG API in case you want to develop you own security management interface. For more information about the API, please refer to the Developer’s guide.
Visual Guard allows users to create new user accounts or reuse existing Windows accounts stored in Active Directory.
Follow the steps below to open the Visual Guard application.
Access the Visual Guard console using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console

Double click on the “Visual guard Console” icon provided on the desktop.
The Visual Guard console will open.

Repository Management Panel (A): This will display the options to manage the repository. This option may change depending upon the selection made in the Left Navigation Panel.
Menu Bar (B): This will display various menu options that will help to manage the whole system. This option may change depending on the selection made in the Left.
Left Panel (C): This will display the list of repositories and applications integrated with the system. All other options might vary depending on the option selected under this panel.
Right Panel (D): This will display the list of repositories and applications integrated with the system. This option may vary depending on the selection made in the Left Navigation Panel.

See Also:

1.2 Installation Guide

System requirements

Operating System: Windows Server 2012, 2016, 2019,2022 or Windows 10, 11
Hard Drive: 512 GB to 1 TB Fast drive recommended – ideally SSD
CPU: Minimum of 4 cores, operating at 3 GHz or higher.
RAM: 8 GB
Software:
- .Net Framework 4.7.2 Runtime
VGRepository
- Require SQL Server 2012 or later, with a minimum of the Standard Edition.
- Require Oracle Database with Oracle9i or later. Please ensure the Oracle Driver is installed.

Installation

Visual Guard uses the industry standard InstallShield as the installation mechanism. The installation is almost entirely automated and should just take a few minutes to complete.

To install Visual Guard, follow the steps below:

Note: You can cancel the installation at any time

Step 1:Double-click on the installation file icon. The screen below will be displayed.
- Click “Next “ to continue with the installation.

Step 2: License Agreement: On selecting I Agree option, “Next “ will be enabled as shown below
- Click “Next “ to proceed with the installation.

Step 3: Select the location to install Visual Guard by clicking “Browse”.
- The selected location will be displayed in the Folder (A).
- You can click “Disk cost” to see the availability and required space for installation.
- Click “Next >” to proceed with the installation.

Step 4: Click “Next >” to start the installation or click “< Back” to make any changes.

Step 5: On clicking “Next >” , the installation process will start as shown below.

Step 6: Once the installation is complete, the screen below will be displayed.
- Click “Close” to exit the installation.

2. Repository

Visual Guard is a flexible and integrable security tool that manages authentication, permissions, and access rights management for your applications. A key component of Visual Guard is the “Repository”.

The Visual Guard Repository is a centralized database that stores all of Visual Guard’s security information. This includes user accounts, roles, permissions, permission sets, and user profiles, among other things. The repository can be created in either SQL Server or Oracle, providing flexibility depending on your database preferences or existing infrastructure.

Once created, the repository allows for efficient management and control of access rights across your applications. It enables administrators to define roles and permissions, assign them to users, and manage user profiles. Moreover, the repository is not just a static storage of information. It is a dynamic component of the Visual Guard system, allowing for updates and changes as your security requirements evolve.

In addition to explaining how to create, update, backup, restore, and move the repository, the documentation page also provides details on managing repositories in specific environments such as .NET, Java, PowerBuilder, and others. It also provides links to other sections of the Visual Guard documentation that may be useful for understanding and managing the repository.

In summary, the Visual Guard repository is a comprehensive and flexible solution for managing application security data. Whether you’re using SQL Server or Oracle, it provides the necessary tools to effectively control access and protect your applications. For a complete understanding, it is recommended to read the entire page and follow the provided links for additional information on specific topics.

2.1 Connect to a Repository

Once a repository has been created, it will be listed under VG WinConsole. Before you can perform actions on the repository, you need to connect to it.

Follow the steps below to access a repository on the console

Access the VG WinConsole under the path Start > All Programs > Novalys > Visual Guard X.X > Visual Guard Console
The Visual Guard console will open.

Select the repository you want to connect to.

Use one of the methods below to connect to the selected repository.
- Right click on the Repository in the Left Navigation Panel and select Connect menu from the Popup Menu. (A)
  OR
- Select Connect menu from Action Menu. (B)
  OR
- Click on Click Here (C) link provided in the Right Panel of Visual Guard Console

Once you click on the connect option following screen will be displayed

If mixed mode authentication has been enabled in this repository, you will have to choose which mode you will use to connect.
Select the appropriate authentication mode (A). Depending on the selection of the authentication type the fields will vary.
Please Note: The user has to choose authentication mode only if mixed mode authentication is enabled.

E.g. In case the user selects Identity Federation Server the fieds displayed above will be shown.
Select the ADFS server from the dropdown.
Enter the username with domain name and password. In the present case if current user checkbox is selected, the currently logged in user credentials willl be selected. Click “OK” to log in the system.

The system will authenticate the credentials and provide you access according to the role assigned to you.
If more than one role are assigned to you, the system will grant you the privileges relevant to all the roles.
Click “OK” to login.
The Repository details will be displayed to you.

See Also:

2.2 Create a new Repository

2.2.1 Create a new Repository (File system)

This page shows how to create a repository stored in files.

Please Note: Storing VG repository in files is not recommended if you have more than 200 user accounts.

Follow the steps below to create a file repository.

Access the VG Win Console using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win console will open.

Access the Add Repository menu using one of the options below:
- Select the Add repository menu from File Menu. (A)

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository menu from the Popup Menu. (B)

- Click “Add Repository” . (C)
The Repository Creation Wizard screen will be displayed as shown below.

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the highlighted option (A) from the screen to Create a new empty repository.
Click “Next >” to select the repository type.

Select option (A) from the screen to create a File Repository.
Click “Next >” to select the location of the Repository

Select the path where the repository is to be created by clicking “…” (A).
The selected path will be displayed in the highlighted section as shown below.
This location will be used for saving the repository.

In the above screen you can see an example of the path where Repository is the name of the directory which will contain the files for that particular repository.
As you give the path, a message box will be displayed to confirm for the creation of the directory.

Click “yes” to create the directory or click “no” to cancel the creation.
Click “Next >” to select the Authentication Mode.

Visual Guard offers two types of authentication modes: Visual Guard Authentication Mode (A) as well as Windows Authentication Mode (B) for the File Repository.
User can select both or either of the two available options.
Please Note: Database user accounts can not be used in file repository.
Click “Next >” to specify the Repository Name and Default Master User Information details.

Specify the Repository Name in the Repository Name Text Box (A).
Specify the Default Master User Information (B)
- Select the Authentication mode (C) for which the account details are to be specified.
- The Authentication menu (C) will display all the Authentication Modes selected by you.
- Specify a user name and password. This option will be available in case the Visual Guard Authentication Mode is selected.
- In case of Windows Authentication Mode, the current username and password will be automatically used for authentication.

Please Note: Here you are creating your first user account too.

Click “Next >” to complete the Repository Creation Process.

Click “Finish” to successfully start using the repository.

The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on the option (A).
The following Login screen will open and allow you to authenticate and access the repository.

Since you have only one user account initially for a single Authentication Mode, you will not be asked to select the Authentication Mode. Enter you credentials to connect to the repository.
The following repository related details will be displayed in the main area.

See Also:

2.2.2 Create a new Repository (SQL Server)

This page shows how to create a repository stored in SQL Server.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win console will open as shown below

Access the Add Repository option using one of the options below:
- Select the Add repository menu from File Menu. (A)

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository menu from the Popup Menu. (B)

- Click “add repository” . (C)
The Repository Creation Wizard screen will be displayed as shown below.

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the option (A) from the screen to Create a new empty repository.
Click “Next >” to select the repository type

Select option (A) from the screen to create a SQL Server Repository.
Click “Next >” to specify the SQL Server name as well as the username and password required to access the repository; the screen below will be displayed.

Your Database Administrator (DBA) can create database objects manually thanks to a script provided with Visual Guard.
The scripts are in the file <Visual Guard installation directory>\Visual Guard Console\Database\SQLServer
For more information click:
- http://www.visual-guard.com/EN/dotnet-security-user-role-permission/support/dotnet-API-how-to-documentation
Specify the server location in the option (A). You can specify either the IP Address or the Server Name. This server contains the objects of the database necessary to store the Visual Guard repository.
Select the Authentication Mode (B).
Two types of authentication modes are available SQL Server Mode and Windows Authentication Mode (B)

You can select one of the either authentication modes. Specify the username and password that will be used to connect to the server.
Select the database name or enter the name of the new database where this repository is to be created by using option (A).
Click on the “Next >” to select Authentication Mode.

Visual Guard offers three types of authentication modes Visual Guard Authentication Mode (A), Windows Authentication Mode (B), as well as Database Authentication Mode (C) for SQL Server Repository.
You can select all three or either of the available options.
Click “Next >” to specify the Repository Name and Default Master User Information details

Specify the Repository Name in the Repository Name Text Box (A).
Specify the Default Master User Information (B)
- Select the Authentication mode (C) for which the account details are to be specified.
- The Authentication option (C) will display all Authentication Modes selected by you.
- Specify a user name and password. This option will be available in case of Visual Guard Authentication Mode is selected.
- In case of Windows Authentication Mode, the current username and password will be automatically used for authentication.
- In case Database Authentication Mode is selected then the username and password used to authenticate database should be specified.

Click “Next >” to complete the Repository Creation Process.
Once you click on the Next Visual Guard will create the structure of the repository in the database.

Click “Finish” to successfully start using the repository.
The user whose details are provided in the above screen will be able to create tables, stored procedures and role in the database.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on option (A).
The following login screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and password.
The following details will be displayed on Visual Guard Console.

See Also:

2.2.3 Create a new Repository (Oracle)

This page shows how to create a repository stored in Oracle Database.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win Console will open.

Access the Add Repository option using one of the options below:
- Select the Add repository option from File Menu. (A)

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository option from the Popup Menu. (A).

- Click “add repository” . (C)
The Repository Creation Wizard screen will be displayed as shown below.

The wizards will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select highlighted option (A) from the screen to Create a new empty repository.
Click “Next >” to select the repository type.

Select option (A) from the screen to create an Oracle Repository.
Click “Next >” to specify the server name as well as the username and password required to access the repository; screen below will be displayed.

Your Database Administrator (DBA) can create database objects manually thanks to a script provided with Visual Guard.
The scripts are in the file <Visual Guard installation directory>\Visual Guard Console\Database\Oracle.
Specify the Server Name in the option (A). This server contains the objects of the database necessary to store the Visual Guard repository.
Select the Authentication Mode (B).
Two types of database authentication modes are available namely Oracle Authentication and Windows Authentication Mode (B).

You can select either of the available authentication modes. Specify the username and password that will be used to connect to the server.
Specify the schema name.
If the Schema Name field is empty, Visual Guard will create the structure in the schema of the User Name specified in the wizard.
Click “Next >” to select the Authentication Mode.

Visual Guard offers three types of authentication modes Visual Guard Authentication Mode (A), Windows Authentication Mode (B), and Database Authentication Mode (C) for Oracle Repository.
User can select all three or either of the available options.
Click “Next >” to specify Repository Name and Default Master User Information details.

Specify the Repository Name in the Repository Name Text Box (A).
Specify the Default Master User information (B)
- Select the Authentication mode (C) for which the account details are to be specified.
- The Authentication option (C) will display all the Authentication Modes selected by you.
- Specify a user name and password. This option will be available in case Visual Guard Authentication Mode is selected.
- In case of Windows Authentication Mode, the current username and password will be automatically used for authentication.
- In case Database Authentication Mode is selected then the username and password used to authenticate the database should be specified.

Click “Finish” to complete the Repository Creation Process.
Once you click on the Finish Visual Guard will create the structure of the repository in the database.
The users whose details are provided in the above screen will be able to create tables, stored procedures and role in the database.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard console.

To access the repository, click on option (A).
The following login screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and password.
The following details will be displayed on the Visual Guard Console.

See Also:

2.3 Add an Existing Repository

2.3.1 Add an Existing Repository (File system)

Please Note: Deleting a repository from the list means it will not appear anymore in the Winconsole. This is different from the option “remove repository” which allows you to totally erase a repository from your system.

This section shows how to add in the preview a file repository, previously created and deleted from the list.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win Console will open.

Access the Add Repository option using one of the options below:
- Select Add repository option from File Menu (A)

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository option from the Popup Menu. (B)

- Click “Add repository…” (C)
The Repository Creation Wizard screen will be displayed as shown below:

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the highlighted option (A) from the screen to create a repository using an existing repository.
Click “Next >” to select a repository type.

Select option (A) from the screen to create a File Repository.
Click “Next >” to select the path of the Repository under which the existing repository exists; the Repository Location Selection screen will be displayed.

Select the path where the repository is to be created by clicking “…” (A).
This will be the location where the existing repository is stored.
The selected path will be displayed in the highlighted section as shown below.

The Authentication Mode selected for the existing repository will automatically be used for the new repository.
Click “Finish” to complete the Repository Creation Process.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on the option (A).
The following screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and the password.
The following repository related details will be displayed in the main area.

See Also:

2.3.2 Add an Existing Repository (SQL Server).

This section shows how to add in the preview an SQL repository, previously created and deleted from the list.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win console will open as shown below.

Access the Add Repository option using one of the options below:
- Select Add repository option from File Menu (A).

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository option from the Popup Menu. (B)

- Click “Add repository…” (C)
The Repository Creation Wizard screen will be displayed as shown below:

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the highlighted option (A) from the screen to create a repository using an existing repository.
Click “Next >” to select repository type.

Select option (A) from the screen to create a SQL Server Repository.
Click “Next >” to specify the SQL Server name as well as the username and password required to access the repository; the following screen will be displayed.

Specify the server location in the option (A). You can specify either the IP Address or the Server Name This server contains the objects of the database necessary to store the Visual Guard repository.
Select the Authentication Mode (B).
Two types of authentication modes are available namely SQL Server Mode and Windows Authentication Mode (B)

You can use either authentication types. Specify the username and password that will be used to connect to the server.
Select the database where this repository is to be created by using option (A).
The database will be same where the existing repository is stored.
The Authentication Mode selected for the existing repository will automatically be used for the new repository.
Click “Finish” to complete the Repository Creation Process.
Visual Guard will automatically use the Repository Name used last to create the repository.
You can rename the repository on the Visual Guard Console once the creation process is complete.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on option (A).
The following screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and password.
The following repository related details will be displayed in the main area.

See Also:

2.3.3 Add an Existing Repository (Oracle)

This section shows how to add in the preview an Oracle repository, previously created and deleted from the list.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win Console will open as shown below.

Access the Add Repository option using one of the options below:
- Select Add repository option from File Menu (A).

- Right click on the ‘Visual Guard Console‘ in the Left Navigation Panel and select Add repository option from the Popup Menu. (B)

- Click “Add repository…” (C)
The Repository Creation Wizard screen will be displayed as shown below:

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the highlighted option (A) from the screen to create a repository using an existing repository.
Click “next >” to select repository type.

Select option (A) from the screen to create an Oracle Repository.
Click “Next >” to specify the server name as well as the username and password required to access the repository; the screen below will be displayed.

Specify the Server Name in the option (A). This server contains the objects of the database necessary to store the Visual Guard repository.
Select the Authentication Mode (B).
Two types of authentication modes are avaiable namely Oracle Authentication and Windows Authentication Mode (B).

You can select either of the authentication modes. Specify the username and password that will be used to connect to the server.
Specify the schema name.
The schema will be same where the existing repository is stored.
The Authentication Mode selected for the existing repository will automatically be used for the new repository.
Click “Finish” to complete the Repository Creation Process.
Visual Guard will automatically use the Repository Name used last to create the repository.
You can rename the repository on the Visual Guard Console once the creation process is complete.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on the option (A).
The following screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and password.
The following details will be displayed on the Visual Guard Console.

See Also:

2.3.4 Add an Existing Repository (VG Server)

This section shows how to add a repository in the preview through VG Server, previously created and deleted from the list.

Please Note: For adding existing repository through Visual Guard Server, Visual Guard service must be configured in private mode only.

Access the VG Win Console application using the path Start > All Programs > Novalys > Visual Guard > Visual Guard Console
The VG Win console will open as shown below.

Access the Add Repository option using one of the options below:
- Select Add repository option from Action Menu. (A)

- Right click on the ‘Visual Guard Console’ in the Left Navigation Panel and select Add repository option from the Popup Menu. (B)

- .Click “Add repository…” .(C)

- Select Add repository option from File Menu
The Repository Creation Wizard screen will be displayed as shown below:

The wizard will automatically walk you through the repository creation.
Click “Next >” to access the Next screen.

Select the highlighted option (A) from the screen to create a repository using an existing repository.
Click “Next >” to select repository type.

Select option (A) from the screen to create a repository through Visual Guard Server.
Click “Next >” to provide the URL of the Repository under which the existing repository exists; the Repository Location Selection screen will be displayed.

Specify the server location in the option (A).

Please Note: You can provide the URL with both TCP or HTTP service.

Visual Guard Server URL with TCP Service:

Visual Guard Server URL with HTTP Service:

Click “Finish” to complete the Repository Creation Process.
Visual Guard will automatically use the Repository Name used last to create the repository.
You can rename the repository on the Visual Guard Console once the creation process is complete.
The Repository will be displayed in the Left Navigation Panel as well as the Main Section on the Visual Guard Console.

To access the repository, click on option (A).
The following screen will open and allow you to authenticate and access the repository.

Select the Authentication Mode and specify the username and password.
The following repository related details will be displayed in the main area.

See Also:

2.4 View Repository Information

To view repository related details follow the steps below:

Log in to the Repository.
Click on the Repository Name to view the Repository Information and Application Details.
Select the Repository Information Tab (A).

The following details will be displayed to you:

Fiel	Description
License Information:	This section explains about the license details
Repository ID	This is the unique id of the repository. This is used to generate the license key.
License Key	This option displays the license key of the repository. The license key defines the maximum number of user accounts allowed in the repository and expiry date of the license.
License Type	This option displays the type of license i.e. Full or Evaluation
Expiration Date	This option displays the expiry date of the license. After this date, you will not be able to add user accounts.
Maximum number of users	This option displays the maximum number of user accounts allowed in the repositories.

Miscellaneous
Description	This option displays the description of the user
Default Name	This option displays the default name of the repository
Supported Authentication Modes	This option indicates all the authentication modes supported by the repository
Repositotory Migration Code	This option indicates the four-digit code that is used to migrate the database structure containing the repository to be compatible with the higher versions of Visual Guard. The default value of this code is ‘0000’
Log Enabled	This option indicates whether the events of the application will be recorded in a log.
Use Update Method	This option indicates when Visual Guard must use update method when the id of the repository is modified
Token expires after	This option displays the time out period when you will be logged out from the application as your connection remain idle for that time period. You will have to login into the application again after the time out.
Last Modification	This option displays the last date when the item was modified.
IsConnected	This option displays whether the repository is connected or not.

Password Policy
Requires Unique Email	This option displays whether the repository is created or not.
Requires Password Question and Answer	This option displays whether the repository is configured to require a password question and answer for each user. If you have specified the values in this option and the user doesn’t respect the rule, an appropriate error message is displayed.
Enable Password Reset	This option displays whether the current repository is configured to allow users to reset their password. Password reset is the ability for application to replace the current password for a user name with a new, randomly generated password when a user has forgotten his password or the current password is no longer valid.
Password Policy	This option displays the information related to password policy

Following options will also be available:
- Edit Password Policy
- Download License Key
- Request License Key
- Cancel Request
- Repository Migration Code

See Also:

Viewing Repository User Attribute Detail
Viewing Repository Module Details
Viewing Application Details
Viewing Web Portal Detail
Viewing ADFS Server Details

2.5 View Applications details

To view the list of applications integrated in the repository follow the steps below:

Log in to the Repository.
Click on the Repository Name to view the Application Details.
Select the Applications Tab (A).

The following details will be displayed:

Field	Description
Repository Name and Path
Application Name	This option displays the name of the application
Description	This option displays a brief description about the application
Secured Assembly Path	This option displays the path details.

Once the user clicks on the application details, he will be directed to Application Details page.

See Also:

2.6 Event Viewer

Visual Guard allows you to view the events that occurred in the repository or in the secured applications.

Follow the steps below to view the events:

Log in to the repository.
The details of the selected repository will be displayed as shown below.

Access the Event Viewer option using one of the options below:
- Right click on the repository name and select the Event Viewer menu (A) from the popup menu.

- Select Event Viewer menu item from the Action menu (B).
The Event Log screen will be displayed as shown below.

Please Note:

- If you select the repository node in the tree view and open the event viewer, you will see the log of all the applications secured in this repository, including the console by cliking on “Find” .
- This gives you a comprehensive view of the security of your system. For example, you can see all the actions of a particular user throughout all applications.
- If you want to see the event log of one application or of the console, you have first to select this application in the tree view, then open the event viewer.
You can filter and view the events using various filter options (C).

Field	Description
	Filter Options: This section explains about the filter option details.
Filter Type	Select any one of the filter type from the available filters (Display All, Username, Event Id and Event Category). By default, ‘Display All’ is selected
Start	Select the start date and time from when you want to filter. By default, this option is disabled. To enable it, click on the check option. After enabling, you can select the date by clicking v.
End	Select the end date and time till when you want to filter. By default, this option is disabled. To enable it, click on the check. After enabling, you can select the date by clicking v.
“Find”	Once you click on this option, the system will search for all events matching the specified criteria.
Event Category	This field is displayed when Event Category option is selected instead of Display All and allows you to search an event by their category.
Event ID	This field is displayed when Event ID option is selected instead of Display All and allows you to search an event by their ID.
User Name	This field is displayed when User Name option is selected instead of Display All and allows you to enter the user name by which you want to search an event.

Once you click “Find” , the result will be displayed as shown below.

The system allows you to perform following actions upon the event details:
- Export to PDF
- Clear log entries
- Add Event Description
- Edit Event Descriptions
- Refresh: This option allows you to refresh the contents once you click on this option any new event will be appended to existing list.

2.7 Generate Documentation

Visual Guard allows you to generate report relevant to the selected entity.

Follow the steps below to generate documentation:

Login to the Repository
The repository details of the selected repository will be displayed as shown below.

Access the Generate documentation option using one of the options below:
- Right Click on the repository name and select the Generate documentation menu item (A) from the menu.

- Select Generate documentation menu item from Action Menu. (B)

- Select the repository and press Ctrl+Shift+R to Generate Documentation
Generate documentation screen will be displayed.

Specify the following details to request for a license key:

Field	Description
Output Location	Enter an output location where the report will be saved. A default location will be displayed to you. The report will be generated in pdf format.
Paper Size	Enter the paper size. Two options are displayed by default -Letter (Default option) -A4
Generate Detailed Information for	This option displays the tree structure for the selected repository. The selected root and its associated leaves will only be enabled by default. For example here all leaves are enabled since repository has been selected. You can select or deselect an option using the checkbox. The report will be generated for selected information.

Click “OK” if you want to save the details and generate the document.
The report will be displayed to you as follows.

Click “Cancel” if you want to Cancel the operation.

2.8 Edit Password Policy

The Password Policy allows you to define password rules.

Note: If there is a change in password policy since the last login and password does not follow the new password policy, a message will be displayed prompting the user to change their password.

Follow the steps below to edit Password Policy.

Log in to the Repository.
The repository details of the selected repository will be displayed as shown below.

Access the Edit Password Policy option using one of the options below:
- Right Click on the repository name and select the Edit Password Policy menu item (A) from the menu.

- Select Edit Password Policy menu item from Action Menu. (B)

- Click on the Edit Password Policy option provided at the bottom of the Right Navigation Panel.
The Edit Password Policy screen will be displayed as shown below:

Specify the following details to edit password policy

Field	Description
Minimum length required for a password	Enter the minimum password length. This option defines the minimum number of characters that must be entered to create a valid password.
Minimum number of special characters that must be present in a valid password	Enter the maximum number of special characters (non-alphanumeric) required in a valid password.
Never use<Number> old passwords	Enter whether you want to allow the users to be able to use old passwords. This option defines the number of old passwords stored in the repository and used to compare with a new password. You can restrict the user from using his old passwords. You can specify the maximum number of passwords that user cannot repeat
Validation Rule	Enter the validation rule. This option defines the regular expression used to validate the password. For example Length:{8,15} ^\w{0,10}$ allows words of up to 10 characters. ^\w{6,}$ allows words of more than 5 characters. ^\w{5,10}$ allows words of length between 5 and 10 characters.
Validation Message	Enter the validation message for example “Invalid Password” This option defines a message displayed to the user if their passwords do not match the password policy.
Password expires after<days> days	Enter the number of days for which the current password will be valid. This option defines the number of days a password is valid. After these days the password will expire and user must change it.

	This section explains the actions to be taken when password expires or does not comply with the password policy.
Action	Select the action. This option defines the following 3 actions performed when the password is expired or does not comply with the password policy. Display a warning Force the user to change password after N grace logins Force the user to change password
Grace Logins allowed	Enter the number of allowed grace logins. This option will be enabled only if “Force the user to change password after N grace logins” option has been selected in action option. This option defines number of logins allowed with an invalid password (Password has expired or does not match the password policy).
Lock out user account after invalid password attempts	This option defines if the user account is locked out after consecutive invalid password attempts
Number of consecutive invalid password attempts	This option defines the number of invalid password attempts allowed before the user account is locked out.
Password attempts window	Enter the time in minutes till when the password window will be displayed.
Auto Unlock blocked account after delay of <minutes> minutes between authentications	Enter the minutes after which the blocked user accounts are to be automatically activated. This option is enabled only if “Lock out user account after invalid password attempts” option is selected.

Click “OK” if you want to save the details entered in Edit Password Policy.
Click “Cancel” if you don’t want to save the details entered in Edit Password Policy.

2.9 Global MFA Policy

What is a Global MFA Policy? A Global MFA Policy in Visual Guard is a centralized set of rules and settings that define how MFA is applied across all applications and users within an organization.

In Winconsole to edit the global MFA policy follow the below steps.

Step 1: Click on the Repository –> you will see the page with details of the repository

Step 2: On the bottom left corner you will see the Edit Global MFA Policy link

Step 3: Fill in the required details.

Select the type of method you are opting for the security.
- OTP via email or phone
- Secure link via email or phone

The number of Grace logins (allows users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements) you would like to provide.

Provide the setting required.-
- Scope: choose where you want the setting to reflect either under the whole Repository or specific Application
- Duration: You can mention the time till when you want this feature to be active till

Provide the enrollment URL information

MFA – Multi Factor Authentication

2.10 Deploy & Import Repository

Repository deployment in Visual Guard refers to the process of deploying security configurations, such as roles, permissions, and user profiles, from a central repository to target environments. This deployment ensures consistency and synchronicity of security settings across different environments, such as development, testing, and production.

Visual Guard allows you to deploy the created repository. With this option you can make a copy of the whole repository to use it in the same system or the other system.

To deploy a repository, follow the steps below:

Step 1: Login to the Repository.

Step 2: Click “Next >” to continue the wizard or click “Cancel” to cancel the wizard.

Step 3: On clicking “Next >” the screen below will be displayed.Choose either A – Export data in a deployment configuration file or B – Deploy in an existing repository

If you choose A – Export data in a deployment configuration file follow the below steps. You get the below options
- Option 1: Deploy application: This option will deploy the full content of the selected application
- Option 2: Deploy the repository: This option will deploy yhr full content of the repository (users, roles, applications, permissions and much more)
- Option 3: Deploy parameters of the repository: This option will only deploy parameters of the repository

Option 2:

Step 1: Deploy the repository

Step 2: Choose your prefered overwrite option weather you want to overwrite the existing repository or not

Step 3: Click on Finish to complete the deployment

Note: Once you click Finish you will get a notification to choose the path of where the file will be saved.

Option 3:

Step 1: Deploy parameters of the repository

Step 2: Choose weather you want to deploy all respository information or Select informaion to deploy (you can select which parameter you would like to deploy manual from each category.

Step 3: Click on Finish to complete the deployment

Note: Once you click Finish you will get a notification to choose the path of where the file will be saved.

If you choose B – Deploy in an existing repository follow the below steps.

Step 1: Click deploy in an existing respository and click Next

Step 2: Refer to the Option A steps further

Import Deployment Configuration Files

Importing deployment configuration files refers to the process of loading external files containing predefined settings and configurations related to the deployment of software or applications. These files typically include details such as environment-specific configurations, deployment targets, versioning information, and other parameters necessary for deploying the software effectively. Importing deployment configuration files streamlines the deployment process by providing a standardized way to configure deployment settings, ensuring consistency and accuracy across different environments and deployment scenarios.

To import the configuration files follow the below steps

Step 1: Login to the repository and click on Import deployment configuration file

Step 2: Select the path of where your configuration files are saved by clicking on the 3 dots and click OK

Step 3: Once the configuration is successfull you will receive a popup notifying the same

Deploy Application

Deploy Repository

2.11 Rename Repository

Follow the steps below to rename repository:

Login to the Repository you want to rename.
The repository details of the selected repository will be displayed as shown below.

Access the Rename option using one of the options below:
- Right Click on the repository name and select the Rename menu item (A) from the menu.

- Select Rename menu item from Action Menu. (B)

- Select the repository and click on F2
The repository name will be displayed in editable mode

Enter the new name. The repository name will be saved when focus is lost.

2.12 Maintenance

You can execute the maintenance operation to check and refresh all encrypted data

2.13 Disconnect from a Repository

Follow the steps below to disconnect repository:

Select the repository you want to disconnect.
The details of the selected repository will be displayed as shown below.

Access the Disconnect option using one of the options below:
- Right click on the repository name and select the Disconnect menu (A) from the popup menu.

- Select Disconnect menu from the Action menu (B).

- Select the Visual Guard Console node in the tree view and click “Disconnect” provided in the Right Navigation Panel.
The repository will be disconnected and all the items under it will be hidden.

2.14 Remove Repository

Visual Guard allows you to remove the selected repository node.

Please Note:

The option “remove repository” allows you to totally erase a repository and all its content from your system.
It is different from the option “delete from list” which allows you to delete the name of a repository from the treeview in the console (in this case the repository and its content are still in the database).

Follow the steps below to remove repository:

Login to the Repository
The repository details will be displayed as shown below.

Access the Remove option using one of the options below:
- Right Click on the repository name and select the Remove menu item (A) from the menu.

- Select Remove menu item from Action Menu. (B)

- Click “Remove” provided in the Right Navigation Panel
The user will be asked for confirmation.

Enter the confirmation code and click “OK” to accept the deletion.
You can cancel the operation by clicking “Cancel” .

2.15 Delete from Repository list

Visual Guard allows you to remove the selected repository from the list.

Please Note

The option “remove repository” allows you to totally erase a repository and all its content from your system.
It is different from the option “delete from list” which allows you to delete the name of a repository from the treeview in the console (in this case the repository and its content are still in the database).
You can add the repository in the console using Selecting existing repository option.

You can add the repository in the console using Selecting existing repository option.

Follow the steps below to delete the repository from the list:

Login to the Repository that needs to be deleted
The repository details of the selected repository will be displayed as shown below.

Access the Delete from repository list option using one of the options below:
- Right click on the repository name and select the Delete from repository list menu item (A) from the menu.

- Select Delete from repository list menu item from Action Menu. (B)

- Clicking “Delete from list” provided in the Right Navigation Panel.
The user will be asked for confirmation

Click “Yes” to continue or click “No” to cancel

3. License Key

Visual Guard allows you to request a License Key using the software itself.

Follow the steps below to Request a License Key:

Login to the Repository
The repository details of the selected repository will be displayed as shown below.

Access the Request License Key option using one of the options below:
Right Click on the repository name and select the Request License Key menu item (A) from the menu.

Select Request License Key menu item from Action Menu. (B)

Click on the Request License Key option provided at the bottom of the Right Navigation Panel. (C)
Request a License Key screen will be displayed.

Specify the following details to request for a license key:

Field	Description
Email	Enter your valid email address. This is the address where the license key will be mailed.
Name	Enter your name
Company	Enter your company name
Phone Number	Enter your phone number
Country	Select country of operation
State	Enter a State name
Maximum Nummber of users requested	Select the appropriate option. Depending on the selection you will be able to create the specified number of user accounts.
Additional Information	Enter any additional information you would like to share

Click “OK” if you want to save the details and request for license.
Following confirmation message will be displayed

The Download License Key (A) link will also be enabled.

Click “Cancel” if you want to Cancel the operation.

3.1 License Key - WinConsole

Please follow the below steps to request for a license key in Visual Guard WinConsole.

Step 1: Login to a repository

Step 2: Right click on the repository to see a drop down of functions. Select request for license key from the drop down or from the icons given below on the same page.

Step 3: Fill in the required details.
- Email ID
- First Name
- Last Name
- Company
- Phone Number
- Country
- State
- Number of users requested for this repository

Step 4: Once the request is sent, the support team will process the key and you will be notified via email once it is generated. You will receive the steps of how to install the same.

3.2 Downloading

Visual Guard allows you to download a License Key. For this option to work you need to Request for a license key first.

Follow the steps below to Download License Key:

Login to the Repository.
The repository details of the selected repository will be displayed as shown below.

Access the Download License Key option using one of the options below:
Right Click on the repository name and select the Download License Key menu item (A) from the menu.

Select Download License Key menu item from Action Menu. (B)

Click on the Download License Key option provided at the bottom of the Right Navigation Panel. (C)
Download a License Key screen will be displayed asking for confirmation.

Click “Yes” to accept or click “No” to cancel the operation.
Once you click “Yes” the license key will automatically be replaced and will be displayed in License Key details.

3.3 Cancelling a Request

Visual Guard allows you to Cancel a License Key Request. For this option to work you need to Request for a license key first.

Follow the steps below to Cancel License Key Request:

Login to the Repository.
The repository details of the selected repository will be displayed as shown below.

Access the Cancel request option using one of the options below:
- Right Click on the repository name and select the Cancel request menu item (A) from the menu.

- Select Cancel request menu item from Action Menu. (B)

- Click on the Cancel request option provided at the bottom of the Right Panel. (C)
As soon as you select Cancel request option, the request is cancelled and Download License Key and Cancel request options are replaced with Request license key.

4. MultiFactor Authentication (MFA) Enrollment

Visual Guard supports Multi-Factor Authentication (MFA) on top of the existing authentication methods, requiring users to provide additional verification beyond a username and password. This could include receiving a one-time password (secure code) or magic link via SMS or email and TOTP via microsoft authenticator. MFA enhances security by adding an extra layer of protection against unauthorized access, even if login credentials are compromised.

Modes of Authentication

Via Email Address

Via Phone Number

Via Microsoft Authenticator

4.1 Via Email Address

OTP (One-Time Password) or a secure link sent via email is used as an additional layer of security to enhance the authentication process.This method significantly reduces the risk of unauthorized access and is especially useful for protecting sensitive operations and transactions.

Step 1: Select the email address option

Step 2: Enter your Email ID and select Send Email

Step 3: Enter the secure code you may have received over the registered email ID and click on Validate

Step 4: Once your identity is validated, you can return to the application home page. Upon attempting to log in, you will be presented with a screen that offers you the choice of receiving either a link or an OTP (One-Time Password) to your registered email ID for authentication. Select your preferred method and click “Continue” to complete the authentication process successfully.

Multifactor Enrollment Modes

4.2 Via Phone Number

In Visual Guard, the OTP/Link via phone number feature allows users to authenticate themselves through their registered mobile number. When attempting to log in, users can choose to receive an OTP (One-Time Password) or a verification link sent directly to their mobile phone via SMS. This added layer of security ensures that only users with access to the registered phone number can complete the authentication process.This method enhances security by leveraging a second factor of authentication tied to the user’s mobile device.

Step 1: Select the phone number option

Step 2: Enter your Phone Number and select Send SMS

Step 3: Enter the secure code you may have received over the registered phone number and click on Validate

Step 4: Once your identity is validated, you can return to the application home page. Upon attempting to log in, you will be presented with a screen that offers you the choice of receiving either a link or an OTP (One-Time Password) to your registered phone number for authentication. Select your preferred method and click “Continue” to complete the authentication process successfully.

Multifactor Enrollment Modes

4.3 Via Microsoft Authenticator

In Visual Guard, TOTP (Time-based One-Time Password) via Microsoft Authenticator provides an additional layer of security for user authentication. Users can set up their Microsoft Authenticator app to generate time-based, one-time passwords that refresh every 30 seconds. During the login process, users enter the current TOTP displayed on their Microsoft Authenticator app to verify their identity. This method ensures a secure and dynamic form of authentication, as the OTP is time-sensitive and unique to each login attempt.

Step 1: Select the Microsoft TOTP authentication option

Step 2: Select the type of device you use.

Step 3: Scan the QR code to download the application.

Andriod device

IOS device (Iphone)

Step 4: Once you open the application and scan the QR code your profile account will be added automatically.

Step 5: Enter the secure code that is generated by the application and click on Validate

Step 6: You will get a notification for the successfull enrollment, click on Go back to Application to login further.

Step 7: Once you can return to the application home page. Upon attempting to log in, you have to click on the Microsoft Authenticator icon and enter the code and click on Continue to complete the authentication process successfully.

Multifactor Enrollment Modes

5. Monitoring

Overview

Visual Guard offers a comprehensive monitoring solution that allows you to supervise and monitor the security aspects of your applications. This monitoring functionality provides real-time insights, customizable dashboards, and reporting capabilities to help you effectively monitor the security activities within Visual Guard.

Choosing the Scope of Supervision

The monitoring feature allows you to select the scope of your supervision based on your specific needs:

All Applications: To supervise all applications secured by Visual Guard within your environment, access the Visual Guard WinConsole and navigate to the “Monitoring” section. This provides a comprehensive overview of the security activities across your entire system.
Specific Application: To supervise a specific application or subset of applications, access the Visual Guard WinConsole and navigate to the section of that particular application. Then, go to the “Monitoring” section within that application. This allows you to monitor the security activities of the selected application in detail.

Selecting Specific Events

Within the Monitoring feature, you have the ability to select specific events for supervision. This allows you to focus on monitoring and analyzing the events that are most relevant to your security objectives. By selecting specific events, you can streamline your supervision efforts and gain targeted insights into potential security issues.

Time-Based Monitoring

The monitoring functionality offers time-based monitoring capabilities to help you track security activities over specific time periods. You can choose to monitor events over the course of a day, week, month, or any custom time range. This allows you to identify patterns and trends in security events during the specified timeframe.

Event History

One of the key features of the Monitoring functionality is the ability to access and review the event history. The event history provides a log of past security events and activities recorded within Visual Guard. You can retrieve and analyze this history to gain insights into past security incidents, user activities, and system behavior.

The event history allows you to search and filter events based on various criteria such as event type, date range, users, and more. This enables you to perform detailed analysis, generate reports, and identify trends or anomalies in the security events over time.

Key Features of Monitoring

The Monitoring feature offers a range of features to enhance your supervision capabilities:

Real-Time Monitoring: The monitoring functionality provides real-time monitoring of security events and activities within Visual Guard. You can view events as they occur and gain immediate visibility into potential security issues.
Customizable Dashboards: You can create customized dashboards within the Monitoring feature to display the security metrics and information that are most relevant to your specific needs. These dashboards can include charts, graphs, and other visualizations for easy interpretation.
Reporting and Analysis: The Monitoring feature enables you to generate reports and perform analysis on the security data collected by Visual Guard. This helps you identify trends, patterns, and potential vulnerabilities in your applications.
Alerts and Notifications: You can set up alerts and notifications for specific security events or conditions within the Monitoring feature. This helps you proactively identify and respond to potential security incidents.

Utilizing Monitoring

To start utilizing the Monitoring feature for supervision, follow these steps:

For supervising all applications:
1. Access the Visual Guard WinConsole.
2. Navigate to the “Monitoring” section.
3. Select the desired scope of supervision (all applications).
4. Configure the monitoring settings, including the selection of specific events, time range, metrics to track, thresholds for alerts, and dashboard customization.
5. Monitor the real-time security events and activities through the Monitoring interface.
For supervising a specific application:
1. Access the Visual Guard WinConsole.
2. Navigate to the section of the specific application.
3. Go to the “Monitoring” section within that application.
4. Configure the monitoring settings, including the selection of specific events, time range, metrics to track, thresholds for alerts, and dashboard customization.
5. Monitor the real-time security events and activities through the Monitoring interface.

Considerations and Best Practices

When utilizing the Monitoring feature for supervision, keep the following considerations and best practices in mind:

Scope Definition: Clearly define the scope of your supervision based on your specific requirements and security objectives.
Relevant Metrics and Events: Focus on monitoring and tracking the security metrics and events that are most relevant to your applications and align with your security goals.
Time-Based Analysis: Utilize the time-based monitoring capabilities to identify patterns and trends in security events over specific time periods.
Event History Analysis: Review the event history to gain insights into past security incidents, user activities, and system behavior.
Thresholds and Alerts: Set appropriate thresholds and alerts to ensure timely notification of potential security issues.
Regular Review: Regularly review the monitoring data, event history, and reports to identify trends, patterns, and areas for improvement in your application security.

5.1 Attendance hours

Overview

Visual Guard provides the capability to select specific event types and set a start and end date for event aggregation. This feature allows you to focus on specific security events within a defined time range, providing targeted insights and analysis.

Event Aggregation and Filtering

Event aggregation is a key feature of Visual Guard that helps reduce the noise and complexity of individual security events. By aggregating events, Visual Guard groups them together based on common attributes or time intervals, providing a consolidated view of security activities.

By selecting event types and setting a start and end date, you can filter and aggregate the relevant security events that match your specific monitoring needs. This enables you to gain insights into the aggregated events within the defined time range, identify patterns, and extract valuable information for security analysis.

Utilizing Event Aggregation and Filtering

To leverage the event aggregation and filtering features in Visual Guard, follow these steps:

Access the Visual Guard Monitoring Console (WinConsole or WebConsole).
Navigate to the event monitoring section.
Specify the event types you want to focus on.
Set the start and end date for event aggregation.
Explore the aggregated events within the defined time range.
Analyze the filtered events to gain targeted insights and identify security trends.

Considerations and Best Practices

When utilizing event aggregation and filtering in Visual Guard, consider the following best practices:

Select event types that are most relevant to your application’s security requirements and monitoring goals.
Set a meaningful and appropriate date range for event aggregation, ensuring it aligns with your analysis objectives.
Regularly review and adjust the event types and date range as needed to ensure you are monitoring the events that matter most to you.
Determining Optimal Maintenance Time: Analyze the aggregated events and identify periods of low activity or reduced security events. These periods may indicate optimal times for performing maintenance activities such as software updates, database optimizations, or server maintenance. By scheduling maintenance during these periods, you can minimize disruptions to end users and ensure smooth operation of your applications.
Detecting Connections During Late-Night Hours: Pay special attention to event occurrences during late-night hours when the activity is expected to be minimal. This can help you identify any unauthorized or suspicious connections that may occur during that time. By monitoring and analyzing the event patterns during these hours, you can detect potential security breaches and take appropriate actions to mitigate risks.

By following these best practices, you can leverage the event aggregation and filtering capabilities in Visual Guard to optimize your maintenance activities and enhance the security of your applications.

Viewing Individual Events

In addition to aggregating events, Visual Guard allows you to drill down into the aggregated sections to view the individual events that make up the aggregate. By clicking on a section of the column representing an aggregate of events of the same type, you can access a detailed list of the individual events. This allows for a granular examination of each event and provides additional context and information.

Clicking on (B) will redirect to the screen displayed below

Clicking on (C) will redirect to the screen displayed below

5.2 Historical Data

Detailed monitoring of the data is displayed using Historical Data.

To view the monitoring of historical data of the repository follow the steps below:

Log in to the Repository.
Click on the Repository Name to view the Monitoring Details.
Select the Historical Data Tab (A) from the Monitoring Tab

Clicking on (B) will redirect to the screen displayed below

The Chart Type of the Historical Data can also be displayed: missing links

Hourly
Daily
Monthly

Chart Type: Hourly

Detailed Monitoring of the data performed on hourly basis is displayed below:

Chart Type: Daily

Detailed Monitoring of the data performed on daily basis is displayed below:

Chart Type: Monthly

Detailed Monitoring of the data performed on monthly basis is displayed below:

Filtering the data through Chart Legends by clicking on the hand lens icon will display the screen below:

The selected options will be displayed besides the Chart Legends which can be deselected later.

See Also: missing links

Viewing Repository Details
Viewing User Profile Attributes’ Details
Viewing Modules’ Details
Viewing Web Portal Details
Viewing ADFS Server Details

5.3 Real time

To view the real time data of the repository follow the steps below:

Log in to the Repository.
Click on the Repository Name to view the Monitoring Details.
Select the Real Time Data Tab (A) from the Monitoring Tab

Clicking on (B) will redirect to the screen displayed below

Filtering the data through Chart Legends by clicking on hand lens icon will display the screen below:

The selected options will be displayed besides the Chart Legends which can be deselected later.

Time Interval: The user can set the regular time interval (in seconds) by which you can monitor the events.
Visible Range: The user can set the visible range (in minutes) for real time charts.
Keep Monitoring: If the checkbox is checked, the user can monitor the actions even when the real-time chart screen is active or inactive.

See Also: missing links

Viewing Repository Details
Viewing User Profile Attributes’ Details
Viewing Modules’ Details
Viewing Web Portal Details
Viewing ADFS Server Details

6. Groups

The Groups are a globality of roles/ users or permissions. Many actions can be done on these groups via the main page.

6.1 Manage Groups

Visual Guard now allows you to create group of user accounts.

A user group may contain:

VG user accounts
VG Groups
Windows user account
Windows Groups

Main features:

Create/Read/Update/Delete groups through VG WinConsole, VG WebConsole and VG API.
Hierarchical organization: Groups can contain users or sub-groups in it
Group Permission Management: Roles can be related to any level of groups and will apply to all the users and sub-groups within this group.
Hierarchical Administration rights: When the VG Administrator Role belongs to a group, their administration privileges are automatically restricted to the users and sub groups of that group.

Using Visual Guard you can perform following actions:

6.2 Search and Select Goups

Visual Guard allows you to filter the list of groups and select single/multiple groups.

Filter the list of Groups

To filter the list of groups you are provided with the selection of the search criteria (A). You can click on the drop down and select the search criterion.

As soon as you select the search criteria in the drop down (A), a Text Box/Drop Down appears (B) to enter value or select the value by which you want to search the record.

For example: In case you select Country Attribute as search criteria, then you will have to mention group name in the textbox.

Click on “search” after entering/selecting the value by which record is to be searched. The list of users matching the search criteria will be visible in the below grid.

The list of users matching the search criteria

You can filter the events using various filter options.

Field	Description
Filter Options:	This section explains about the filter option details. These are the filter options available in the drop down (A)
Root Groups	Select this option to get the list of the first parent group.
All Groups	Select this option if you want to see the list of all the groups and click on
Group Name	Select this option if you want to search for the group by its Group Name.
	As soon as you select this option, an Edit Box appears. Enter the Group Name in this field by which you want to search.
Children Groups	Select this option is you want to search for the sub groups which belong to particular Group.
	As soon as you select this option, a Drop Down appears with complete tree structure of the Group.
	Select the Group and system will search for the immediate children belonging to the selected Group.
Group and its Descendants	Select this option is you want to search for the group which belong to particular Group including its Sub/Child Groups.
	As soon as you select this option, a Drop Down appears with complete tree structure of the Group.
	Select the Group and system will search for the groups belonging to the selected Group including its all Sub/Child Groups.

Select/De-select a Group

Select Group(s)

You can select either single/multiple groups by selecting check box besides the name of the groups (A).

You can also see the list of only selected groups by clicking on “Show Selected Groups” link (C).

As soon as you click on the “Show Selected Groups” link, one more grid appears (D) showing the list of Selected Groups from all the pages.

Note: The link “Show Selected Groups” toggles to link “Hide Selected Groups”. Hence you can click on “Hide Selected Groups” link (E) to hide the Grid showing selected groups (D)

– DE-SELECT GROUP(S)

To de-select a group you can either de-select the check box besides the group (A) or you can click on the stop sign icon in Grid (D).

If you want to de-select all the selected users then click on “Clear selection”.

– ASSIGN USERS TO GROUPS

Select the groups for which you wish to assign users. Click on “Assign Users to Groups” and then select the users you want to assign displayed in the below window.

After selecting the users “Assign Users to Groups” gets enabled. Clicking on the button will assign users to selected group(s).

EDIT ROLE

One can grant or revoke roles to the selected groups by clicking on “Edit role” . To know more click here !

Note: While granting a role to groups, if Is Role Propagated to Descendant Groups is set as Yes then the child groups will be assigned all the roles else No as displayed in the screen below.

Refresh Page

- You can filter the list of groups by clicking on “Refresh” . This will update the group list with updated data.

6.3 Create a Sub-Group

You can create the sub groups under a parent group.

Subgroups inherit parent group roles.

Follow the steps below to create a sub group.

Access the Add Group option using one of the options below:
- Right click on the Repository > Groups> Group Name from the Left Navigation Panel and select the Add Group option (A) from the popup menu

- Select the Add Group option from Action Menu. (B)
The New group will be created under the Group Name as shown below:

You can rename the group by double clicking on the group name (C). You can rename the new group. For example Project Lead
The renamed group will be displayed as shown below:

See also:

6.4 Group

The Visual Guard user Groups can contain subgroups.

You can grant N roles and N users to a group. Any user or sub-group inside the group may also have the granted role as well.

A Visual Guard Group can contain Windows users or Windows groups.

In order to create a group follow the steps below:

Login to the Repository where you want to create a group.
Access the Add Group option, using one of the options mentioned below:
- Right click on the Repository > Groups from the Left Navigation Panel and select the Add Group option (A) from the popup menu.

- Select Repository >Groups Node from the Left Navigation Panel and select the Add Group option from Action Menu (B)

The new group will be created under the Groups option as shown below:

You can rename the group by selecting the group and pressing F2 key (C). For example Project Manager
The renamed group will be displayed as shown below:

See Also:

6.5 Edit Group

Visual Guard allows you to modify the Groups Details and manage the assigned roles and users of the Group

Follow the steps below to modify a Visual Guard Groups:

Login to the Repository under which Group is to be modified.
Click on “+” icon of Groups option available in Left Panel. List of Groups created under the selected repository will be visible (A)

Select the Group from left panel which is to be modified.
The details of Group will be displayed in right panel (B) as shown below.

Following options will be available to you

See Also:

6.5.1 Edit Group Properties

Visual Guard allows you to modify Group’s Properties.

To modify group details follow the steps below:

Select the Repository > Groups from the Left Navigation Panel.
Click on the Group Name to modify the Group.
The Properties Tab (A) is selected by default

Following options will be available to you.

Field	Description
Group ID	This is the unique id of the group.
Description	This option allows you to enter the selected group’s description.
Data 1,2,3	These options allows you to enter the custom data

Modify the details and click “Save” to save the details.
The updated details will be displayed under the group name.

See Also:

6.5.2 Edit Profile of a Group

A profile of a group in Visual Guard refers to a collection of attributes or characteristics associated with a specific group within the security management system. These attributes typically include details such as the group’s name, description, permissions, roles, and any other relevant properties. Profiles of groups allow administrators to define and manage groups effectively, tailoring their settings to align with the organization’s access control policies and requirements. They serve as a central reference point for configuring and controlling access rights and privileges for members of the group across various applications and systems within the environment.

Step 1: Click on the group and you will see the properties associated with the group.

Step 2: Click on Profile and enter the required details and click Save.

How to Create a Group Attribute

6.5.3 Edit the Roles Granted to a Group

Visual Guard allows you to create groups and manage roles assigned to the group.

To view group details follow the steps below:

Select the Repository > Groups from the Left Navigation Panel.
Click on the Group Name to view the Group Properties.
Select the Roles Tab (A).
The roles inherited from the parent group will be highlighted.

Following options will be available to you:

Field	Description
Name	This option displays the name of the role
Description	This option displays the role’s description
View Permissions	This option displays the permissions of the Role
Propogated to descendant	This option displays whether the selected role is propagated from the parent group or has been assigned to the group directly. The option can have one of the values below: •Yes: The value implies that the role has been propagated from the parent group to the child groups •No: This value implies that the role cannot be propagated from the parent group to the child group Please Note: In case a role has been assigned to the parent group and also to sub group then propagated to the descendant will be set to False.

You can modify the group roles using one of the options below:
- Right-click on the Group Name in the Left Navigation Panel, select the Edit Roles option from the menu.

- Select the Edit Roles option from the Action Menu.

- Click on “Edit Roles” provided at the bottom of the Right Navigation Panel .
Edit Roles screen will be displayed.

Select the role that needs to be granted from list of roles (A).
User can grant one role at a time. Once a role (A) is selected ” -> Grant” (B) will be enabled.

Click on “-> Grant” , the granted role will be displayed in Current role section (C).

User can remove the role by selecting the role from Current roles list.
Click on “<- Revoke” to remove the role. The removed role will again be available in List of roles (D).

Click on “OK” to save the roles or click on “Cancel” to discard the changes.
Once user saves the details, the list of Current roles will be updated.

See Also:

6.5.4 Edit the Users Assigned to a Group

Visual Guard allows you to create groups and manage users assigned to the group.

To view and edit the list of users that have been assigned the selected group follow the steps below:

Select the Repository > Groups from the Left Navigation Panel.
Click on the Group Name to view the Group details.
The Properties tab will be displayed by default. Select the Users Tab (A).

The list of all users to whom the group has been currently assigned will be available to you.

Note :

- Using above screen, you can only view the list of the users assigned to the Group.
- You can click on the name of the user to Modify the User Details. You will not be able to Modify the “Groups” of the user from this “Edit User Details” Screen. Click here to know more about assigning groups to the User

ASSIGN USERS TO GROUP

To assign more users to the selected Group, click on . You will be provided with below screen:

Select User(s). “Assign users to group” option will be activated. Click on “Assign users to Group” to assign selected users to the Group.

REMOVE USERS FROM GROUP

A Select User. Click here to know more about Selecting User
As soon as the user is selected, “Remove users from group” will be activated.

Note : The screen allows you to remove the users to whom this group has been assigned. As soon as the user is removed from the group the roles associated with the group will be revoked.

As soon as you click on “Remove users from Group” , you will be asked for the confirmation.

Click on “yes” to save the users or click on “No” to discard the action.
The assignment between the Group and the selected users will be removed.

See Also:

6.6 Rename a Group

To rename a group, follow the steps below:

Select the Repository > Groups > Group name from the Left Navigation Panel.
The details of the selected group will be displayed.

You can access the Rename option using one of the options mentioned below:
- Right-click on the Group Name in the Left Navigation Panel, select the Rename option from the menu. (A)

- Select the Rename option from the Action Menu. (B)

- Select the Group and press F2
Enter the group name. The group name should be unique at the same level.
Once you update the name, the updated details will be displayed as shown below.

See Also:

6.7 Remove a Group

To remove the group, follow the steps below:

Note: The system does not allow you to remove a group that has sub group(s) associated with it.

Select the Repository > Groups> Group Name from the Left Navigation Panel.
The details of the selected Group will be displayed.

Access the Remove option using any of the options mentioned below:
- Right-click on the Group Name in the Left Navigation Panel, select the Remove option from the menu. (A)

- Select the Remove option from the Action Menu. (B)

- Select the group and press delete key.
The group will be removed from the list. In case the users are associated with the group, the group related roles will be revoked from the user accounts.

See Also:

7. Shared Roles

Visual Guard allows you to assign roles to the users accounts. The roles helps to restrict access to the integrated application or Visual Guard Console.
In case the company uses multiple applications then the concept of shared roles proves to be extremely useful.

A shared role can be used for several applications allowing you to overcome the hassles of managing roles for each application individually.

Visual Guard provides various options to manage shared roles:

7.1 Duplicate

Visual guard allows you to duplicate a Shared Role within your system that mirrors an existing shared role, duplicating all similar permissions and responsibilities.

Note: This feature is exclusively available in VG 2024 and later versions.

Below are the steps to follow to duplicate an existing shared role.

Step 1: Open your application –> Go to Shared Roles –> select Shared Role –> select Duplicate Role

Step 2: Enter the Shared Role Name, check the selected items, if they all apply to your requirement then click on Ok, if not then make the necessary amendments.

You can choose to grant the below;

Grant to User : You have the option to choose if this duplicated role should be granted to the user with or without identitcal users of the current role
Grant to Group: You have the option to choose if this duplicated role should be granted to the group with or without identitcal groups of the current role
Identical PersmissionSets: You can assign the PermissionSets to the role, these permission sets will be configured similarly across different roles or users, providing consistent access control within the system.
Identical Permissions: You can assign the Permission to the role, these permissions may be configured similarly across different roles or users, providing consistent access control within the system.
Identical Profile: Once you check this then the role profile details will be duplicated as well

7.2 Shared Role

A shared role can be used for several applications allowing you to overcome the hassles of managing roles for each application individually.

Visual Guard provides various options to manage shared roles:

7.3 New Shared Role

Visual Guard allows you to create new shared role.

Note: You will be allowed to create the role only if you have been assigned the privilege. Refer roles section for more details on privilege

To create a new shared role follow the steps below:

Access the New Shared Role menu using any of the options below:
- Right click on the Shared Roles and select the New Shared Role menu (A) from the popup menu.

- Select the Repository > Shared Roles from the Left Navigation Panel and select the New Shared Role menu from the Action menu (B).
The new shared role will be created under the Shared Roles as shown below:

Once the new shared role is created, it will be displayed in the editable mode for renaming (C). You can rename the new shared role.
The renamed role will be displayed as shown below:

7.4 Role Details

Visual Guard allows you to create shared role(s).

Note: You will be allowed to view the role details only if you have been assigned the privilege. Refer roles section for more details on privilege

Follow the steps below to view Role details

Select the Repository > Shared Roles > Role Name from the Left Navigation Panel.
The details of the selected role will be displayed on the Right Navigation Panel (A) as shown below.

Following options will be available to you

7.4.1 Role Details

To view role related details follow the steps below:

Select the Repository > Shared Roles > Shared Role Name from the Left Navigation Panel.
Role Details will be displayed in the Role Tab (A).

You can modify following user details using this module:

Field	Description
This section explains about the fields that will not be available for editing.
Name	The role name displays the name of the role. Select the name to modify it. Please click here (link) for more details.Enter the role name.
Full Name	This option displays the full name of the role.
Permission Set	This option displays the names of permission sets associated with the role. Please click here (link) for more details.
Description	This option displays the role description. Please click here (link) for more details.
This section explains about the fields that will not be available for editing.
Last Modification	This option displays the date on which the role was last modified.
Id	This option displays the unique identifier assigned to the role.

7.4.2 View & edit granted user list

To view and edit the list of users that have been assigned to the selected shared role follow the steps below:

Select the Repository > Shared Roles >Shared Role name from the Left Navigation Panel.
The details of the selected shared role will be displayed in Role tab (A) as shown below.

Select the Granted Users Tab (B).

The list of all users to whom the role has been currently assigned will be displayed in a form of Grid (C).
Grid (D) displays the list of selected users. This grid (D) will not be visible initially. For this you need to click on “Show Selected Users” option.
The grid can be hidden by clicking on “Hide Selected Users” option. This option will be visible only if selected users grid is displayed on the page.

Note :

- Using above screen, you can only view the list of the users assigned to the Shared Role.
- You can click on the name of the user to Modify the User Details. You will not be able to Modify the “Roles” of the user from this “Edit User Details” Screen.
Now, select user whose roles are to be revoked. Click here to know more about Selecting User.
The list of Users is displayed in a form of a Grid. You can perform following actions on the user:
- Grant role to users
- Revoke role from users

GRANT ROLE TO USERS

When you select option “Grant role to users” you are provided with a screen to select users to whom the role is to be assigned.

Once the users are successfully assigned to the Group, below message will appear

REVOKE ROLE FROM USERS

As soon as the user is selected, “Revoke role from users” will be activated.

Note : Using the above screen, you can only revoke the roles assigned to the user. The user can be assigned the roles using User module.

As soon as you click on “revoke role from users” , you will be asked for the confirmation.

Click “Yes” to save the users or click “No” to discard the action.
The assignment between the Role and the selected users will be removed.

See Also:

User Accounts
Modifying Roles

7.4.3 View Granted Groups

To view the list of groups that have been assigned to the selected shared role follow the steps below:

Select the Repository > Shared Roles > Role name from the Left Navigation Panel.
The details of the selected role will be displayed.
The details will be displayed in Role tab (A) as shown below.

Select the Granted Groups Tab (B).

The list of all groups that have been assigned the shared role will be displayed.

You can only view the assigned groups.
You can modify the groups using groups option provided in the left navigation panel.

See Also:

Creating Shared Role
Remove Shared Role
Modifying Role details

7.5 Rename Shared Role

Visual Guard allows you to rename the shared role(s).

Note: You will be allowed to rename the role only if you have been assigned the privilege. Refer roles section for more details on privilege

To rename the shared role follow the steps below:

Select the Repository > Shared Roles > Shared Role name from the Left Navigation Panel.
The detail of the selected shared role will be displayed as shown below.

Access the Rename menu using any of the following options:
- Right click on the shared role name and select the Rename menu (A) from the popup menu.

- Select the shared role name from the Left Navigation Panel and select the Rename menu from the Action menu (B).

- Select the shared role name from the Right Navigation Panel (C).
Enter the shared role name. The shared role name should be unique.
Once you update the name, the updated details will be displayed as shown below.

7.6 Remove Shared Role

Visual Guard allows you to remove the created shared role(s).

Note: You will be allowed to remove the roles only if you have been assigned the privilege. Refer roles section for more details on privilege

To remove a shared role follow the steps below:

Login to the Repository > Shared Roles > Shared Role name.
The detail of the selected shared role will be displayed as shown below.

Access the Remove menu using any of the following options:
- Right click on the shared role name and select the Remove menu (A) from the popup menu.

- Select the shared role name from the Left Navigation Panel and select Remove menu from the Action menu (B).

Select the shared role name and press delete key.
A Delete confirmation screen will be displayed.

Click “YES” to continue the deletion or click “NO” to cancel the deletion.
On clicking “YES” the shared role will be removed from the list of shared roles.

7.7 Change Permission Set

Visual Guard allows you to edit the permission set assigned to the shared role.

Note: You will be allowed to edit permission sets only if you have been assigned the privilege. Refer roles section for more details on privilege

To edit the permission set follow the steps below:

Select the Repository > Shared Roles > Shared Role name from the Left Navigation Panel.
The details of the selected shared role will be displayed as shown below:

Access the Edit Permission set menu using any of the following options:
- Right click on the shared role name and select the Edit Permission set menu (A) from the popup menu.

Select the shared role name from the Left Navigation Panel and select the Edit Permission set menu from the Action menu (B).

- Select the Permission Set from the Right Navigation Panel (C). Click “…” provided beside the Permission Set.
A Grant permission sets screen will be displayed.

Select the permission set from the List of permission sets (D) that need to be granted. The List of permission sets will display the permission sets of all the applications integrated with the Visual Guard.
A shared role can be granted a single permission set only. Click “-> Granted role” .
The granted permission set will be displayed in Current granted permission sets (E).

Once permission set is added to the Current granted permission sets, “<- Revoke” will be enabled.
You can remove the granted permission set by selecting the permission set from the Current granted permission sets (E).
After granting the permission sets, click “OK” to save the changes or click “Cancel” to cancel the changes.

8. Users

8.1 Database User

Visual Guard supports authentication based on DBMS account for Oracle 8 and higher and SQL Server 2000 and higher.

Visual Guard allows you to re-use user accounts and passwords defined in these DBMS. The credentials are stored in the SQL/ Oracle repository.

You can restrict the access to Visual Guard or any other application integrated with it using Roles and Permissions. Click here for more information on Roles.

Visual Guard allows you to perform following actions

8.1.1 Create a Database User

Visual Guard allows you to re-use user accounts and passwords defined in these DBMS.

Note:

- You will be allowed to create the user accounts only if you have been assigned the privilege. Refer special roles section for more details on privilege
- This option will be available only for SQL or Oracle repositories only.

Follow the steps below to create a Database User:

Access the Add Database User menu using one of the options below:
- Right click on the Repository Name provided on the Left Navigation Panel and select Add Database User option.

- Right click on the Repository >Users menu provided on the Left Navigation Panel and select Add Database User option (A).

- Select the Repository from Left Navigation Panel and select the Add Database User menu item from Action Menu (B).
The Select a database account screen will be displayed as shown below:

Note:

The list of accounts will only be displayed if the user account created in the sql server has server roles as sysadmin.

Select the database from the available accounts and click “OK” .
Add database account screen will be displayed as shown below:

To create a new user account you have to provide the following details:

Field name	Description
Database Account	This option displays the name of the database account that you selected. You can select a different user by clicking “Select”.
Role Assignment:	This section displays the list of available and assigned roles. You can grant or revoke the roles using this section.
List of Roles	This screen displays the list of roles.
Current Roles	This section displays the list of roles that have been already assigned to the user.
Display ‘Membership’ roles	This option allows you to display the membership access level to membership API for the application. The user can be assigned Unrestricted, Membership Members Only only or Add Members role only.

After specifying the roles for the user, click “OK” to save the user details.
Click “Cancel” if you do not want to create the user.
The new user account (A) will be displayed under Users menu in Right Panel.

All Database Users are represented with a different icon i.e.

See Also:

8.1.2 Edit a Database User

Visual Guard allows you to modify the existing user accounts.

Note: You will be allowed to modify the details only if he has been assigned the privilege. Refer special roles section for more details on privilege

To edit the Database user details perform the following steps:

Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open as shown below.

User can modify following user details using this module

Field	Description
User Account Details
User Name	Displays the name of user as stored in database. This value cannot be modified.
Password	This option displays the current password of the user. This value cannot be modified.
Creation date	This option displays the date on which the account user was created. You will not be able to modify this value.
Last Modification Date	This option displays the date on which the account user was last modified. You will not be able to modify this value.
Other Details
User Id	This option displays the unique identifier assigned to the user. This field cannot be modified.
User Type	This option displays the user type for example Database User in current scenario.
Visual Guard Administrator	This option displays whether the user has been assigned a role of admin or not.

See Also :

8.2 Custom Users

Visual Guard supports Custom authentication. You can add custom modules to the application.

You can create any type of identity module – Authentication module (custom or market available authentication providers – google, facebook, twitter etc.), and VG can directly adopt it without any change, and you can have your desired authentication mode for your applications. Click here to know more.

For these Custom Modules, the User details are stored in the Customer database itself, Visual Guard will access the details from the Customer Database, whenever required.

You can restrict the access to Visual Guard or any other application integrated with it using Roles and Permissions. Click here for more information on Roles.

Visual Guard allows you to perform following actions:

8.2.1 Create a Custom User

Visual Guard allows you to create Custom User accounts.

Note: You will be allowed to create the user accounts only if you have the privilege for it.

In the below example, Facebook2 is a custom module added to the system. Here we will be creating a custom user for the Facebook2 module.

Follow the steps below to create a User for the Custom Identity Module:

Login to the Repository under which user account(s) is to be created.
Access the Add New Custom User feature using one of the options below:
- Right click on the Repository Name provided on the Left Navigation Panel and select Add Facebook2 User Context Menu (A).

Right click on the Repository > Users menu provided on the Left Navigation Panel and select Add Facebook2 User (B).

- Select the Repository from Left Navigation Panel and select the Add Facebook2 User from Actions (C).

The Create Custom User screen will be displayed as shown below:
Note: The layout of this screen will change depending on the type of module.

To create new user account you have to provide following details:

Field Name	Description
User Address	Enter a unique Email Address This id will allow the user to login to the repository and access the application. Note: This is a mandatory field.
Role Assignment:	This section displays the list of available and assigned roles. You can grant or revoke the roles using this section.
List of Roles	This section displays the list of available roles
Current Roles	This section displays the list of roles that have been already assigned to the new user.
Display ‘Membership’ roles	This option allows user to displays the membership access level to membership API for the application. The user can be assigned Unrestricted, Membership Members Only only or Add Members role only.

For example to create user, specify details as displayed below:

After specifying above details click “OK” to Save the user details.
Click “Cancel” if you do not want to create the user.
The new user account (D) will be displayed in the Grid on Right side.

See Also:

8.2.2 Edit a Custom User

Visual Guard allows you to modify the existing user accounts.

Note:You will be allowed to modify the details only if you have been assigned the privilege. Refer special roles section for more details on privilege.

To edit the Custom Account user details follow the steps below:

Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open.

You can modify following user details using this module.

Field	Description
User Account Details
User Name	This option displays the Name of the user. You will not be able to modify this value.
Password	This option displays the current password of the user. You will not be able to modify this value.
Creation date	This option displays the date on which the account user was created. You will not be able to modify this value.
Last Modification Date	This option displays the date on which the account user was last modified. You will not be able to modify this value.
Start Date	This date displays the date since when the user account will be activated. Click on the calendar icon, calendar will be visible for you to select date
End Date	This date displays the date until when the user account will be active. To Modify the end date, follow the steps as explained in above for “Start Date”.
Other Details:	All options in this section cannot be modified
User Id	This option displays the unique identifier assigned to the user. The User Id is used for logon process.
User Type	This option displays the user type For example Visual Guard User in current scenario
Visual Guard System Administrator	This option displays whether the user has been assigned a role of admin or not.

See Also

Modifying User Profile Details

8.3 Manage Users

Visual Guard allows you to modify the existing user accounts.

Note: You will be allowed to modify the details only if you have been assigned the privilege. Refer special roles section for more details on privilege.

Follow the steps below to modify a Visual Guard User Account:

Login to the Repository under which user account(s) is to be modified.
Click on Users menu under the repository. List of all user accounts that have been created under the selected repository will be displayed as shown below:

Select the Users by clicking on the username (A).
You can also select the user by filtering the list of users using the filter option. Click here to know more about filter option.
The details will be displayed in User Details tab as shown below.

Following options will be available to you
- Modifying User Details

See Also:

8.3.1 Search and Select Users

Visual Guard allows you to filter the list of users and select single/multiple users.

Following functionalities are provided:

- Filter the list of users
- Select/De-select a User
- Refresh Page
Filter the list of Users
- To filter the list of users you are provided with the selection of the search criteria (A). You can click on the drop down and select the search criterion.

- As soon as you select the search criteria in the drop down (A), a Text Box/Drop Down appears (B) to enter value or select the value by which you want to search the record.

For example: In case you select User Name as search criteria, then you will have to mention user name in the textbox.

Note: The Users assigned with the System Roles are highlighted with a Yellow colored icon and all other users are highlighted with a Blue colored icon

- Click on “Search” after entering/selecting the value by which record is to be searched. The list of users matching the search criteria will be visible in the below grid.

- You can filter the events using various filter options.

Field	Description
Filter Options:	This section explains about the filter option details. These are the filter options available in the drop down (A)
All Users	By default, ‘Display All’ is selected. Select this option if you want to see the list of all the users and click on “Search”.
User Name	Select this option is you want to search for the user by its User Name. As soon as you select this option, an Edit Box appears. Enter the Username of the user in this field by which you want to search.
First Name	Select this option is you want to search for the user by its First Name. As soon as you select this option, an Edit Box appears. Enter the First Name of the user in this field by which you want to search.
Last Name	Select this option is you want to search for the user by its Last Name. As soon as you select this option, an Edit Box appears. Enter the Last Name of the user in this field by which you want to search.
Email Address	Select this option is you want to search for the user by its Email Address. As soon as you select this option, an Edit Box appears. Enter the Email Address of the user in this field by which you want to search.
Authentication Types	Select this option is you want to search for the user by its Authentication Types (i.e. Visual Guard Authentication, Windows Authentication, Database Authentication). As soon as you select this option, a Drop Down appears with the following options to select – Visual Guard Authentication – Identity Federation Authentication – Windows Authentication – Database Authentication – [list of Custom Attributes which are marked as “Is Searchable”, if any. Click here (missing link) to know how Attributes are marked as “Is Seaarchable”] Select the Authentication Type in this field by which you want to search. System will search for the users belonging to the applications supporting the selected Authentication Type. If a Custom Attribute is selected, then additional parameters will be provided based on the data type of the Attribute. For Example, if Attribute is of Integer type (like Age), then User will be provided with option to search for the exact match of the integer entered or integer falling under the specified range.
Locked/UnLocked	Select this option is you want to search for the user by its Locked/Un-Locked Status. As soon as you select this option, a Drop Down appears with the following options to select –Locked: If “Locked Out” check box is selected for the user in “Edit User Detail” Screen. –Unlocked: If “Locked Out” check box is NOT selected for the user in “Edit User Detail” Screen. Select the option to search for the users with their particular Status.
Approved/Pending	Select this option is you want to search for the user by their Account Status. As soon as you select this option, a Drop Down appears with the following options to select –Approved: If “Approved” check box is selected for the user in “Edit User Detail” Screen. –Pending: If “Approved” check box is selected for the user in “Edit User Detail” Screen. Select the option to search for the users with their particular Account Status.
Group	Select this option is you want to search for the users which belong to particular Group. As soon as you select this option, a Drop Down appears with complete tree structure of the Group. Select the Group and system will search for the users belonging to the selected Group. Note: This option will search for the users in the selected group only. But it will not consider the users belonging to child groups of the selected group.
Group and its Descendants	Select this option is you want to search for the users which belong to particular Group including its Sub/Child Groups. As soon as you select this option, a Drop Down appears with complete tree structure of the Group. Select the Group and system will search for the users belonging to the selected Group including its all Sub/Child Groups. Note: This option will search for the users in the selected group only. But it will not consider the users belonging to sub/child groups of the selected group.

Select/De-select a User
- SELECT USER(S)

You can select either single/multiple users by selecting check box besides the name of the user (A).

You can also see the list of only selected users by clicking on “Show Selected Users” link (C).

As soon as you click on the “Show Selected Users” link, one more grid appears (D) showing the list of Selected users from all the pages.

Note: The link “Show Selected Users” toggles to link “Hide Selected Users”. Hence you can click on “Hide Selected Users” link (E) to hide the Grid showing selected users (D)

- DE-SELECT USER(S)

To de-select a user you can either de-select the check box besides the user (A) or you can click on the icon in Grid (D).

If you want to de-select all the selected users then click on .

Refresh Page

You can filter the list of users by clicking on . This will update the users list with updated data.

8.3.2 Lock/Unlock Users

The Locked Out menu is used to lock the user from logging in. The users will be automatically locked out in case they exceed maximum number of invalid login attempts. Such user accounts can be un-locked by Master Admin User only.

Please Note: This operation can be performed only on Visual Guard user accounts.

The Locked out status of the user can be modified in two ways:

- Using List of Users Screen
- Using Edit User Screen

Using List of Users Screen

Note: Below steps allows you to Lock/Un-Lock the accounts of Multiple Users.

- Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
- Select the user by clicking on the Check Box placed besides the Name of the User (A).
- You can also select user after filtering the list of users by using the filter option. Click here to know more about filter option.

Note: The options at the bottom of the screen will be active only if at least one user is selected in the grid.

Note: You can select either single/multiple users by selecting multiple check boxes hence you can Lock/Un-Lock single/multiple users at a time.

- Grid (B) displays the list of selected users. This grid (B) will not be visible initially. For this you need to click on “Show Selected Users” option.
- The grid can be hidden by clicking on “Hide Selected Users” option. This option will be visible only if selected users grid is displayed on the page.
- Click on “Lock” to Lock the account of the user OR click on “Lock” to unlock the account of the user.

Using Edit User Screen

Note: Below steps allows you to Lock/Un-Lock the account of Single User.

Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open.

- Select the “Locked Out” check box (A) to Lock the account of the user OR De-Select the check box to un-lock the account of the user. The locked out user will not be able to access his account.
- The “Locked Out” check box in “Edit User Details” screen will be selected or de-selected based on the action performed by the user.
- Now, click on “Save” to save the details.

See Also:

8.3.3 Approve/Unapprove Users

The Approved menu shows whether the user account has been approved to be authenticated in the selected repository.

To modify the Approved status, follow either of the steps mentioned below:

- Using List of Users Screen
- Using Edit User Screen

Using List of Users Screen

Note: Below steps allows you to Approve/UnApprove Multiple Users.

- Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
- Select the user by clicking on the Check Box placed besides the Name of the User (A)
- You can also select user after filtering the list of users by using the filter option. Click here to know more about filter option.

Note: You can select either single/multiple users by selecting multiple check boxes. Hence you can Approve/Un-Approve single/multiple users at a time.

- Grid (B) displays the list of selected users. This grid (B) will not be visible initially. For this you need to click on “Show Selected Users” option.
- The grid can be hidden by clicking on “Hide Selected Users” option. This option will be visible only if selected users grid is displayed on the page.
- Click on “V Approve” to Approve the user account OR click on to Un-Approve the user account.
- The “Approved” check box in “Edit User Details” screen will be selected or de-selected based on the action performed by the user.
- If the user is un-approved, then the user will not be allowed to login. When the user tries to login an error message will be displayed as shown below

Using Edit User Screen

Note: Below steps allows you to Approve/UnApprove Single User.

- Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
- Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open.

- Select the “Approved” check box to Approve the account of user OR De-Select the check box to un-approve the account of the user.
- Now, click on “Save” to save the details.

See Also:

8.3.4 Delete Users

Visual Guard allows you to delete user accounts.

Follow the steps below to delete a user account.

Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Select the user by clicking on the Check Box placed besides the Name of the User (A).
You can also select the user by filtering the list of users using the filter option. Click here to know more about filter option.

Grid (B) displays the list of selected users. This grid (B) will not be visible initially. For this you need to click on “Show Selected Users” option.
The grid can be hidden by clicking on “Hide Selected Users” option. This option will be visible only if selected users grid is displayed on the page.
Click on “Remove” to remove the selected User(s).
You will be asked for confirmation before the user is removed from the repository.

Click “Yes” to delete the user or click “No” to cancel the deletion.
The user account will be removed from the list of users.

Note:

- Currently Logged in user cannot be deleted.
- If multiple users are selected, then they all will be deleted.

See Also:

8.4 Edit User

The “Edit User” feature typically allows administrators or privileged users to modify the attributes, permissions, roles, and other settings associated with a specific user account within the application’s security framework. This function provides a user-friendly interface for administrators to manage user profiles efficiently, including updating personal information, adjusting access rights, assigning or revoking roles, and configuring other security-related parameters as needed.

Click on the specific User

Once you click on the User name, the below features will be displayed.

8.4.1 User

A User is an individual who interacts with an application that is secured using Visual Guard’s security framework. Each user typically has a unique identity within the application’s security system and is granted specific permissions and access rights based on their role or privileges.

Here you can edit/view the below details of a user;

Personal Information
User Account details
Password details
Other VG ID details

Once you are done with the updates yon the page make sure to click on Save so that your changes are reflected.

8.4.2 Profile

Profiles help administrators manage permissions more efficiently by grouping users with similar access requirements together.

Visual Guard allows you to modify the existing user profile details i.e the Job title, First Name and Last Name.

To Edit more details of the user click on the below link

Edit Visual Guard User

8.4.3 Roles

These are sets of permissions and access rights granted to users, facilitating efficient management of access control by grouping users with similar privileges together. Users assigned to specific roles inherit the permissions associated with those roles, streamlining security administration in applications.

You can click on the Eye icon to view the permissions that have been assigned to the role mentioned and to Edit further click below on Edit Roles.

When you click on Edit Roles, you will get the below window where you can assign the roles to applications respectively.

Step 1: You can select the application you want to edit/view –> select roles from the left side –> click on Grant

Step 2: Similarly if you want to remove any assigned role then select the role from the right side –> click on revoke

Step 3: Click on Ok once your updates are done so that your updates get reflected

For more features related to roles refer to the below pages

Application Roles

Shared Roles

8.4.4 Groups

Groups are collections of users organized together for simplified permission management, enabling administrators to assign common access rights and privileges to multiple users simultaneously. Group memberships streamline security administration by applying permissions uniformly to users with similar roles or responsibilities.

You can edit/view the groups by clicking on Groups
You can view what permissions the groups have been assigned by clicking on the Eye Icon
You can also see the group Hierarchy
Incase you wan to edit the group click on Edit Group

When you click on Edit Groups, you will get the below window where you can view the groups and edit them by adding and removing as per your requirement.

Click on Ok once your updates are done so that your updates get reflected.

To know about what can be done with Groups, refer to the below link

Groups

8.4.5 Audit Permissions

These refer to the capability to track and log user actions and access to resources within an application, facilitating compliance, security monitoring, and troubleshooting efforts. Administrators can configure audit permissions to capture specific events or actions, providing a comprehensive audit trail for accountability and analysis purposes.

Visual Guard allows you to view the permissions of the existing user accounts.

To modify the groups of the user, follow the following steps:

Click on the Hierarchy Icon under the Coming from column from the right to know where does the permission come from
Permission screen will be displayed as shown below.

8.4.6 Audit Activities

Audit activities entail monitoring and logging user interactions, access attempts, and system modifications within an application, enabling comprehensive tracking for compliance, security, and troubleshooting purposes. Administrators can configure audit activities to record specific events or behaviors, ensuring accountability and facilitating analysis of system activity.

Here you can see the log of the user, what time and date they logged in, if it successful or not, event ID, machine name, severity
You can also export the activity via PDF or Excel as per your preference.

8.4.7 Monitoring

This involves real-time tracking and analysis of user activities, system performance, and security events within an application, enabling proactive identification of anomalies or potential security breaches. Administrators can utilize monitoring features to maintain application integrity, enforce security policies, and respond promptly to emerging issues.

This feature allows to monitor the occurances of important events for specified time intervals for specific user in user friendly graphical format.

Attendance Hours

Under monitoring section you can view the successful and invalid logons for the users
You can use the start and end date feature to view results as per your requirement
You can also export the report in PDF,PNG or excel format as per you preference

Historical Data

Here you can view the historical data of the specific user
You have the option to browse through all the applications that are common with that specific user
You can choose the start and end date for the details you require
Here you can also choose the chart legends where in you can choose the type of details you want of the either successful logons or invalid logons
Additionally here you can choose the chart legends meaning the time period of the user i.e Daily, Hourly, Monthly
You can also export the report in PDF,PNG or excel format as per you preference

See Also :

8.5 Visual Guard User

Visual Guard has its own membership provider to manage user accounts and passwords.

The credentials are stored in the Visual Guard repository.

You can restrict the access to Visual Guard or any other application integrated with it using Roles and Permissions. Click here for more information on Roles.

Visual Guard allows you to perform following actions

8.5.1 Create a Visual Guard User

Visual Guard allows you to create new Visual Guard user accounts.

Note: You will be allowed to create the user accounts only if you have been assigned the privilege. Refer special roles section for more details on privilege

Follow the steps below to create a Visual Guard User:

Access the New Visual Guard User menu using one of the options below:
- Right click on the Repository Name provided on the Left Navigation Panel and select New Visual Guard User menu.

- Right click on the Repository >Users menu provided on the Left Navigation Panel and select New Visual Guard User menu (A).

- Select the Repository from Left Navigation Panel and select the New Visual Guard User menu from Action Menu (B).
The Create new user screen will be displayed as shown below:

To create new user account you have to provide following details:

Field name	Description
Username	Enter a unique user name. This name will allow the user to login to the repository and access the application.
Email address	Enter Email address. The Email address will be mandatory if the repository is configured to require unique email address for each user.
New password	Enter the new password. The password will be displayed in encrypted form.
Confirmation	Reenter the password. The password specified here should match the password specified in “New password” field.
User must change password at next logon	Select this option if you want to allow user to change his password for his next logon. By default, this value is deselected.
Password Question	Enter the password question. This field will be mandatory if the repository is configured to require a password question and answer for each user.
Password Answer	Enter the password answer. This field will be mandatory if the repository is configured to require a password question and answer for each user.

Role Assignment:

This section displays the list of available and assigned roles. You can grant or revoke the roles using this section.

List of Roles	This section displays the list of available roles
Current Roles	This section displays the list of roles that have been already assigned to the new user.
Display ‘Membership’ roles	This option allows user to displays the membership access level to membership API for the application. The user can be assigned Unrestricted, Membership Members Only only or Add Members role only.

For example to create user Johnson specify details as displayed below:

After specifying above details click “OK” to Save the user details.

Click “Cancel” if you do not want to create the user.

The new user account (A) will be displayed in the Grid on Right side.

See Also:

8.5.2 Edit a Visual Guard User

Visual Guard allows you to modify the existing user accounts.

Note: You will be allowed to modify the details only if you have been assigned the privilege. Refer special roles section for more details on privilege.

To edit the Visual Guard user details perform the following steps:

Select a Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open, as shown below.

You can modify following user details using this module.

Field	Description
*Personal Information*
Title	This option displays the Title / Prefix used for the user. Enter the text in the edit box to modify the Title.
First Name	This option displays the First name of the user. Enter the text in the edit box to modify the First Name.
Last Name	This option displays the Last name of the user. Enter the text in the edit box to modify the Last Name.
Email Address	This option displays the email address of the user. Enter the text in the edit box to modify the Email Address.
Description	This option displays a short description related to the user. Enter the text in the edit box to modify the Description.
*User Account Details*
User Name	This option displays the Name of the user. You will not be able to modify this value.
Password	This option displays the current password of the user. Select the password to modify the password of the user. To modify the password, click on “Change Password”. Below screen will be visible to you. Enter New Password and re-enter your new password. Click on “OK” to modify the password or click on “Cancel” to discard the action. See more here
Creation Date	This option displays the date on which the user account was created. You will not be able to modify this value.
Last Modification Date	This option displays the date on which the user account was last modified. You will not be able to modify this value.
Start Date	This date displays the date since when the user account will be activated. Click on the calendar icon, calendar will be visible for you to select date
End Date	This date displays the date until when the user account will be active. To Modify the end date, follow the steps as explained in above for “Start Date”.
Approved	If this option is selected then it indicates that the user account has been approved to be authenticated in the selected repository. Select/De-select the option to Approve or UnApprove the account of the user.
Locked Out	If this option is selected then it indicates that the user account has been locked and cannot access the system. Lock out also occurs when the number of Invalid password logins reach its predefined limit. Select/De-select this option to Lock-Out/Un-Lock the account of the user. Note: if the account of the user is locked out because of number of Invalid password attempt is exceeded, then only the master admin can modify this option else it will be disabled for any kind of modification.
Password Details
Password Question and Answer	This option displays the Password Question and Answer. The answer is displayed in encrypted form. The question and answer are used to retrieve the forgotten password. Enter the Password Question and Answer to modify the Password Question and Answer of the user.
Must change password at next logon	This option displays whether the user needs to change his password on next logon. If this option is selected then it indicates that user will have to update his password on next logon.
Other Details :	All options in this section cannot be modified
User Id	This option displays the unique identifier assigned to the user. The User Id is used for logon process.
User Type	This option displays the user type For example Visual Guard User in current scenario
Visual Guard System Administrator	This option displays whether the user has been assigned a role of admin or not.

See Also

8.6 Windows User or Group

Visual Guard supports Windows authentication. If you use the Windows authentication mechanism, passwords are created, stored, and administrated in Active Directory.

Visual Guard enables to search for a user in Active Directory. When the user is found, Visual Guard stores his security identifier (SID) in the repository.

You can restrict the access to Visual Guard or any other application integrated with it using Roles and Permissions. Click here for more information on Roles.

Visual Guard allows you to perform following actions:

8.6.1 Edit a Windows User

Visual Guard allows you to modify the existing user accounts.

Note:

- You will be allowed to modify the details only if you have been assigned the privilege. Refer special roles section for more details on privilege.

To edit the Window user details perform the following steps:

Select Repository > Users from the Left Navigation Panel. All the users will be displayed in the Grid in Right Panel.
Click on the name of the user displayed in the Grid. “Edit User Details” Screen will open.

You can modify following user details using this module

Field	Description
User account details
User name	The Username displays the name used for logon process. This name will be retrieved from the User accounts and is not managed by Visual Guard. Hence you will be unable to modify it.
Other Details
User Id	This option displays the unique identifier assigned to the user. This field cannot be modified
User Type	This option displays the user type for example Window User in current scenario
Visual Guard Administrator	This option displays whether the user has been assigned a role of admin or not.

See Also

8.6.2 Create a Windows User

Visual Guard allows you to add Windows user accounts.

Note:

- You will be allowed to access the user accounts only if you have been assigned the privilege. Refer special roles section for more details on privilege

Follow the steps below to create a Windows User:

Select the Add Windows User or Group menu using one of the options below:
- Right click on the Repository Name provided on the Left Navigation Panel and select Add Windows User or Group menu.

- Right click on the Repository > Users menu provided on the Left Navigation Panel and select Add Windows User or Group menu (A).

- Select the Repository from Left Navigation Panel and select the Add Windows User or Group menu from Action Menu (B).
The Add Windows User or Group screen will be displayed as shown below:

Click “Objects Types” (A) to select the Object Type. Object Types screen will be displayed.

You can select all or any one of the options available in the Object Types screen.
Click “OK” to accept the selection. The selected options will be displayed in ‘Select this object type’ (A) field on Select Users or Groups screen.

Select the location where the object type is located by clicking “Locations…” (B). Locations screen will be displayed as below:

The list of all Domains, Sub Domains, and Groups etc available on your network will be displayed.
Accept the selection by clicking “OK” . The selected location will be displayed in ‘From this location’ field on Select Users or Groups screen.
Click “Cancel” to discard the selection

Enter the object name in ‘Enter the object name to select’ field (A). You can view examples of allowed object names by clicking on examples link (B).
You can also search for object names by clicking “Check name”. The system will allow searching name in the selected location.
The name of the selected user will be listed as shown below

You can click “Advanced…” to perform advanced search.
Click “OK” to select the selected user. You can discard the selection by clicking “Cancel”.

Note: “OK” and “Check names” will only be active if any name has been specified in the ‘Enter the object name to select’ field.

Once the selection is complete, the system will allow you to grant roles for the selected repository.

The selected object name will be displayed; you can alter the name by clicking “Select…” (A).
The list of roles available for allocation will be displayed in the List of Roles section (B).
You can grant one role at a time. When role (C) is selected, “-> Grant” (D) will be enabled.

Click “-> Grant” , the granted role will be displayed in Current role section (E).

You can remove the role by selecting the role from Current roles list.
Click “<- Revoke” to remove the role. The removed role will again be available in List of roles (F).

Click “OK” to save the roles and user type or click “Cancel” to discard the changes.
The new user account (A) will be displayed in the Grid on Right side.

The Windows user, when created are displayed with a separate icon i.e. and if a role is been assigned to these users apart from default role then the icon will be.

See Also :

9. Application

Visual Guard is an identity and access management solution. It combines four major Access Control features in one solution:

Authentication: verification of the identity of end users of an application.
Identity management: management of user accounts and groups
Authorization: definition of what end users are allowed to do in an application
Audit: controlling the actions performed in the application.

Visual Guard can secure various applications in one repository. Any technology capable of SOAP or https request is supported: .Net, Java, C++, Php It provides special support for many types of application : (missing link)

Winform, WPF, Console
ASP.Net Web Site or Web Service
ASP.Net Web Application or Web Service Application
Power Builder Application
Neutral Applications

Visual Guard allows users to modify the details of the application integrated with it. Follow the steps below to modify the details of an integrated application.

Login to the Repository under which the application details are to be modified.
Select the application from the Left Navigation Panel, the application details will be displayed on the Right Navigation Panel as shown below.

You can modify following details of the application.

Field	Description
	This section explains about all the editable fields
Name	The name of the integrated application. Select the name to modify it.
Description	This option displays a short description related to the application. Select the description to modify it.
Action Script Language	This option displays the script language (C# or VB) used to edit script associated to actions. Select the Action Script Language to modify it.
Assembly Path	This option displays the full path of the main assembly of the application. Select the Assembly Path to modify it.
Other Assemblies	This option displays the list of assemblies which are statically referenced in the application. The assembly paths are separated by semicolon (;) and can contain wildcard characters.
Application Type	This option displays the type of applications. Select the Application Type to modify it.
Version	This option displays the version of the permissions of the application. Select the Version to modify it.
Anonymous Role	This option displays the anonymous role used by the application. Select the Anonymous Role to modify it.
Anonymous System Role	This option will assign VG system rights to anonymous user, for certain actions like create user, create group etc.
Default Role	This option displays the role granted by default to each new registered user. Select the Default Role to modify the details.
Membership Access Level	This option displays the access level to membership API for the application. Select the Membership Access Level to modify it.
Web Portal	This option allows you to select the id of the web portal and integrate the application with Web Portal application.
	This section explains about the fields that will not be available for editing.
Last Modification	This option displays the date on which the application was last modified.
Id	This option displays the unique identifier assigned to the application.

The VG Win Console provides several features for application management: (missing link)

9.1 New Application

9.1.1 New Winform Application

Visual Guard allows you to integrate Winform applications and set permissions for accessing the integrated application.

Note: Visual Guard must be integrated with the selected application before this wizard can be run. For WCF services you must specify the type of application hosting the service.

To add a new WinForm application follow the steps below:

Access the Application Creation Wizard using the path Repository > New Application

The Application Creation Wizard will be displayed.

Select the Winform, WPF, Console, Windows Service option (A).
The wizard will automatically walk you through the application integration.
Click “Next >” to access the next screen and indicate whether the Visual Guard runtime is already integrated in the system.

Option (B) will be selected by default. Select option (A) to move to the next step.
The Visual Guard Runtime should be integrated in the application to move to the next step.
Click “Next >” to access the next screen and specify the main assembly of the application that will act as an entry point.

Select the path where the application is being stored by clicking “…” (A).
The browsing screen will be displayed as shown below

You can select only assemblies having extensions .dll or .exe.
Select the script language in which you want to edit the script associated to actions. By default the application’s language will be detected automatically as shown below.

Click “Next >” to access the next screen and specify the default options of the application.

The options will be available for selection Allow anonymous sessions, Enable default role, and Generate Visual Guard configuration files. You can select any one or all of the options.
After selecting the appropriate options click “Finish” to finish the wizard. The application will be integrated and displayed as shown below.

See also:

9.1.2 New Applications

Visual Guard allows you to integrate applications and set permissions for accessing the integrated application.

To add a new application follow the steps below:

Login to the Repository under which new application is to be integrated.
The Application Creation Wizard will automatically be displayed in case new repository has been created.
You can also integrate the application with exiting repository using one of the options below:
- Right click on the Repository Name provided on the Left Navigation Panel and select New Application option (A).

- Select the Repository from Left Navigation Panel and select the New Application menu from Action Menu (B).

- Click on Ctrl + A

Application Creation Wizard will be displayed.

Using this wizard you can integrate following types of applications:
- Winform, WPF, Console, Windows Service
- ASP.Net Web Site or Web Service (.Net 2.0 or higher)
- ASP.Net Web Application or Web Service Application (.Net 2.0 or higher)
- Power Builder Application
- Neutral Application

9.1.3 New Website Application

Visual Guard allows you to integrate Website applications and set permissions for accessing the integrated application.

Note: Visual Guard must be integrated with the selected application before this wizard can be run. For WCF services you must specify the type of application hosting the service.

To add a new Website application follow the steps below:

Access the Application Creation Wizard using the path Repository > New Application
The Application Creation Wizard will be displayed.

Select the ASP.Net Web Site or Web Service (.Net 2.0 or higher) option (A).
The wizard will automatically walk you through the application integration.
Click “Next >” to access the Next screen and indicate whether the Visual Guard runtime is already integrated in the system.

Option (B) will be selected by default. Select option (A) to move to the next step.
The application should be integrated to move to the next step.
Click “Next >” to access the Next screen and specify the main assembly of the application that will act as an entry point.

Select the path where the application is being stored by clicking “…” (A).
The browsing screen will be displayed as shown below.

You can select the folder where the website is stored.
Please Note: It is compulsory that web config file exists in the selected folder.
Select the script language in which you want to edit the script associated to actions. By default the application’s language will be selected.

Click “Next >” to access the Next screen and specify the default options of the application.

The options will be available for selection Allow anonymous sessions, Enable default role, and Generate Visual Guard configuration files. You can select any one or all of the options.
Once the selection is complete click “Finish” to finish the wizard. The application will be integrated and displayed as shown below.

9.1.4 New Powerbuilder Application

Visual Guard allows you to integrate Power Builder applications and set permissions for accessing the integrated application.

Note: Visual Guard must be integrated with the selected application before this wizard can be run. For WCF services you must specify the type of application hosting the service.

To add a new Power Builder application follow the steps below:
Access the Application Creation Wizard using the path Repository > New Application
The Application Creation Wizard will be displayed.

Select the Power Builder Application option (A).
The wizard will automatically walk you through the application integration.
Click ” Next >” to access the Next screen and specify the main assembly of the application that will act as an entry point.

Select the path where the application is being stored by clicking “…” (A).
The browsing screen will be displayed as shown below.

You can select the file from here.
Please Note: It is compulsory that power builder config file exists in the selected folder.

Click ” Next >” to access the Next screen and specify the default options of the application.

The options will be available for selection Allow anonymous sessions and Enable default role. You can select any one or all of the options.
Click on Finish to access the below screen and specify the configuration file settings of the application.

You can modify the configuration files.

Field	Description
VG Server URL	This option displays the URL of the VG Server for the application.
Name	This option displays the repository name which contains the application.
Merge Roles	This option sets a flag allowing or not to combine Roles. You can select to allow for combining roles.
Support Authentication Modes	This option define the authentication mode for the application. You can select or deselect the required modes of authentication by selecting or deselecting the appropriate checkboxes . Please Note: Values that are compatible with the authentication mode will be available for selection.

Click “Test” to test the configuration file.
Once the selection is complete click “OK” to finish the wizard. The application will be integrated and displayed as shown below.

9.1.5 Other Applications

Visual Guard allows you to integrate Other applications such as Java, PHP and set permissions for accessing the integrated application.

Technologies other than .Net such as C++, Java, Powerbuilder and PHP call the VG Server in Public Mode to use the features offered by Visual Guard.

Note: In case of other applications you will not be able to create dynamic actions, you can call only the web services to run the roles with the intergrated application.

To add an Other application follow the steps below:
Access the Application Creation Wizard using the path Repository > New Application
The Application Creation Wizard will be displayed.

Select the Other Application option (A).
The wizard will automatically walk you through the application integration.
Click “Next >” to access the Next screen and enter the application name.

Click “Next >” to access the next screen and specify the default options of the application.

The options will be available for selection Allow anonymous sessions, Enable default role. You can select any one or all of the options.
Once the selection is complete click “Finish” to finish the wizard. The application will be integrated and displayed as shown below.

9.1.6 Create A New Application Version

Visual Guard allows you to create new version for the integrated application.

To create a new version follow the steps below:

Select the Repository > Application > Application name from the Left Navigation Panel.
The details of the selected application name will be displayed as shown below.

Access the Create new version menu using any of the options below:
- Right click on the application name from the Left Navigation Panel and select the Create new version menu (A) from the popup menu.

- Select the application name from the Left Navigation Panel and select the Create new version menu from the Action menu (B).
A Create new version screen will be displayed.

By default, the New Version (C) number will be incremented by one.
You can also enter the new version in the New Version (C) section.
Click on the check box if you want to regenerate configuration files. Click here to know more about regenerating the configuration files.
Click “OK” to continue or click “Cancel” to cancel the creation.
The new version will be created and displayed as shown below.

9.2 Edit Application

Visual Guard allows users to modify the details of the application integrated with it.

Follow the steps below to modify the details of an integrated application.

Login to the Repository under which the application details are to be modified.
Select the application from the Left Navigation Panel, the application details will be displayed on the Right Navigation Panel as shown below.

You can modify following details of the application.

Field	Description
	This section explains about all the editable fields
Name	The name of the integrated application. Select the name to modify it.
Description	This option displays a short description related to the application. Select the description to modify it.
Action Script Language	This option displays the script language (C# or VB) used to edit script associated to actions. Select the Action Script Language to modify it.
Assembly Path	This option displays the full path of the main assembly of the application. Select the Assembly Path to modify it.
Other Assemblies	This option displays the list of assemblies which are statically referenced in the application. The assembly paths are separated by semicolon (;) and can contain wildcard characters.
Application Type	This option displays the type of applications. Select the Application Type to modify it.
Version	This option displays the version of the permissions of the application. Select the Version to modify it.
Anonymous Role	This option displays the anonymous role used by the application. Select the Anonymous Role to modify it.
Anonymous System Role	This option will assign VG system rights to anonymous user, for certain actions like create user, create group etc.
Default Role	This option displays the role granted by default to each new registered user. Select the Default Role to modify the details.
Membership Access Level	This option displays the access level to membership API for the application. Select the Membership Access Level to modify it.
Web Portal	This option allows you to select the id of the web portal and integrate the application with Web Portal application.
	This section explains about the fields that will not be available for editing.
Last Modification	This option displays the date on which the application was last modified.
Id	This option displays the unique identifier assigned to the application.

9.2.1 Application Name

The Name indicates the name of the application that is being integrated.

To modify the Name, follow the steps below:

Select a Repository > Application from the Left Navigation Panel.
The application details of the selected application will be displayed as shown below.

Modify the Name using one of the options below:
- Right-click on the application name in the Left Navigation Panel and select the Rename menu (A).

- Select the Rename menu from the Action menu (B).

- Click on the Name from the Right Navigation Panel (C).

- Press F2 after selecting the application name.
Enter the new name. The name should be unique.
Once you update the name, the updated details will be displayed as shown below:

9.2.2 Description

This description displays brief information about the selected application.

To modify the Description related to the application follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below:

Click on the Description option on the Right Navigation Panel (A).
Enter the new Description. The new Description will be stored automatically.

9.2.3 Action Script Language

The Action Script Language option allows you to change the action script language used to edit scripts associated to actions.

Note: Modify Action Script Language only if you know the appropriate language used to build the application otherwise the application might not build

To modify Action Script Language follow the steps below:

Select a Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below:

Click on the Action Script Language option on the Right Navigation Panel (A), v will be displayed.
Click v , a dropdown list will appear.
Select any one of the languages available i.e. VB.Net or CSharp or Neutral.
The selected value will be stored automatically.

9.2.4 Assembly Path

The Assembly Path displays the full path of the main assembly of the application.

To modify the Assembly Path follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The detail of the selected application will be displayed as shown below:

Click on the Assembly Path option from the Right Navigation Panel (A), “…” will be displayed.
Click “…” to select a different path of the main assembly.
The changed path will be stored automatically.

9.2.5 Other Assemblies

If your application loads some assemblies dynamically and you want to define security actions for classes located in these assemblies you can do so using Modify Other Assemblies option.

Visual Guard allows you to specify the list of these assemblies in Other Assemblies.

To modify other assemblies follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below.

Click on the Other Assemblies from the Left Navigation Panel, “…” will be displayed.
Click “…” the Other Assembly Files screen will be displayed.

Click “Add Assemblies” (B) to add more assemblies or click “Add Folder” (C) to add a folder containing assemblies.
The added assemblies will be displayed in the Other Assembly Files screen as shown below.

After selecting the required assemblies click “OK” to save the selected assemblies or click “Cancel” to cancel the selection.
The selected assemblies will be displayed as shown below.

9.2.6 Application Type

The Application Type displays the type of the application which is being integrated. This information is used by Visual Guard to determine how to load the assemblies of your application.
Note: Modify Action Script Language only if you know about the appropriate language used to build the application else the application might not build
This option is used if you have changed the type of application after integrating it with Visual Guard.
To change the Application Type follow the steps below:
Select the Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below:

Click on the Application Type option on the Right Navigation Panel (A), v will be displayed.
Click v , a dropdown list will appear.
Select the appropriate application type.
The selected application type will be stored automatically.

9.2.7 Version

The Version displays the version of the permissions of the application. This allows you to manage multiple versions of your permissions according to multiple versions of the application. The number of the version is necessary to manage different version of application. The best way to change the version number is to do it by creating a new version.

To modify the Version follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The application details of the selected application will be displayed as shown below.

Click on the Version option on the Right Navigation Panel (A).
Enter the Version. The new Version will be stored automatically.

Note: The new version number should be higher than the older one.

9.2.8 Anonymous Role

The Anonymous Role displays whether an anonymous role is being used for the application. If your application requires an authentication this field must set to the value “None”.

Note: If multiple roles exist in the list, you have to select an appropriate role that will be used for anonymous session.

To modify the Anonymous Role follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below:

Click on the Anonymous Role option on the Right Navigation Panel (A), v will be displayed.
Click v , a dropdown list will appear as shown below.

Select the v option if you want to allow an anonymous session for the application or uncheck if do not want an anonymous session.
A message will be displayed stating the change in the settings.

Select “ok” to continue.
To use the changes in the application, you need to regenerate the configuration files of the applications. Click here to know about generating Visual Guard configuration files.
The changed value will be saved and displayed as shown below.

9.2.9 Default Role

The Default Role displays the role granted by default to each new registered user.

To modify Default Role follow the steps below:

Select the Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below.

Click on the Default Role option on the Right Navigation Panel (A), v will be displayed.
Click v a dropdown list will appear as shown below.

Select check box option if you want to allow a default role for the application or uncheck if you do not want a default role.
On checking the check box option, the list below it will be enabled.
Select the role as default role from the list. The selected role will be saved automatically.

9.2.10 Membership Access Level

The Membership Access Level indicates the level of access granted in an application to a particular user.

To modify the membership access level, follow the steps below:

Select the Repository > Application name from the Left Navigation Panel.
The application details of the selected application will be displayed as shown below.

Select the Membership Access Level from the Right Navigation Panel (A),”v” will be displayed.
Click “v” a dropdown list will appear.

Select any one of the option from the dropdown list.

Field Name	Description
No Access	No one can change the security of this application with VG membership API
AddMembersonly	On selecting this option, the users can change the security of this application. Using VG membership API, they can only add users and grant them the default role in this application
MembershipMembersOnly	On selecting this option, the security of this application can be changed by users with the role “membership manager”. They can use VG membership API to add/edit/remove users and roles.
AddmembersOrMembershipMembers	In case this option is selected the security of this application can be changed by users with the role “membership manager” Using VG membership API, they can only add users and grant them the default role in this application
Unrestricted	On selecting this option, the users can change the security of this application. They can use VG membership API to add/edit/remove users and roles.

9.3 Visual Guard Configuration Files

Visual Guard generates two configuration files for every application which is being integrated with it.

The configuration file contains the information about the repository used by the application.

The files need to be regenerated under following conditions:

Each time you need to change the Visual Guard repository and connect to your application.
When you change the authentication mode supported by the repository.
When you enable or disable the anonymous session.
When you change the information about the connection to the repository (like server, schema or database name, repository path).
When you create a new version of the application by using the console and you want to access to this new version from your application.

To regenerate Visual Guard configuration files, follow the steps below.

Select the Repository > Application name from the Left Navigation Panel.
The details of the selected application will be displayed as shown below.

Generate the configuration files using one of the options below:
- Right-click on the Application name in the Left Navigation Panel and select the Generate Visual Guard Configuration Files menu (A).

- Select the Generate Visual Guard Configuration Files menu from the Action menu (B).
A Generate configuration files window will appear as shown below:

Default values will be displayed in the Generate configuration files. You can view as well as modify the details. Please click here for more details.
Select the path. Default path will automatically be selected. Click “OK” to continue.
A message will be displayed stating the modification of the file.

Click “OK” to close the notification message.
You can Cancel the operation. Visual Guard also allows you to test whether the configuration source file has been generated successfully. Click here for more information.

9.3.1 Testing

Visual Guard generates two configuration files for every application that is integrated with it.

You can Test whether the configuration source code has been generated appropriately.

To test Visual Guard configuration files, follow the steps below.

Select the Repository > Application > Generate Visual Guard Configuration Files menu.
The details of the associated Configuration Files will be displayed as shown below.

Click “Test” to test the configuration file.
Login Screen will be displayed as shown below:

The screen will display a list of all authentication modes selected in Supported Authentication Mode option during Generating Configuration Files.
Select the appropriate mode. Open an anonymous session option will be displayed only if Is Anonymous Session Supported option is True.
Login using the valid credentials. You will be prompted to select a role.

Once you select a role click “OK” , following message will be displayed.

9.3.2 Modifying

Visual Guard allows you to modify the details of the Configuration File.

To modify the details follow the steps below:

Select the Repository > Application > Generate Visual Guard Configuration Files menu.
The details of the associated Configuration Files will be displayed as shown below.

You can modify the following details using his module.

Field	Description
	This section explains about all the editable fields
Cache Duration	This option displays the time in seconds that is taken by Visual Guard to cache a repository item before reloading into the repository. Select the value to modify it. Please click here for more details.
Connection String	This option displays the server address of the database that contains the repository. Please click here for more details.
Include Windows Groups	This option displays whether the roles granted to Window Groups are included in the roles of the user.Select the value to modify. click here for more details
Is Anonymous Session Supported	This option displays whether the anonymous session is supported by the application.This option can be set to true only if one of the roles is set as anonymous. Please click here for more details.
Offline Store	This option displays whether offline mode is supported by application. Please click here for more details.
Supported Authentication Modes	This option displays the application modes supported by the application. Default, it will show the authentication modes as selected which are marked as selected for related RepositoryMultiple values can be selected. All selected values will be displayed separated by comma.Values that are compatible with the authentication mode will be available for selection. Please click here for more details.
Web Portal	This option displays the unique identifier of the web portal that is integrated with the application. Please click here for more details.
	This section explains about the fields that will not be available for editing.
Name	This option displays the name of the repository under which the selected application has been integrated.
Application Id	This option displays the unique identifier assigned to the application.

9.4 Event Viewer

Visual Guard allows you to view the monitoring and troubleshooting messages from the application of the repository.

Follow the steps below to view the events:

Select the Repository > Application from the Left Navigation Panel.
The application detail of the selected application will be displayed as shown below.

Access the Event Viewer option using one of the options below:
- Right click on the application name and select the Event Viewer option (A) from the popup menu.

- Select Event Viewer option from the Action menu (B).
The Event Log screen will be displayed as shown below.

You can filter and view the events occurred in the repository. You can also filter the events using various filter options (C).

Field	Description
Filter Options:	This section explains about the filter option details.
Filter Type	Select any one of the filter type from the available filters (Display All, Username, Event Id and Event Category). By default, ‘Display All’ is selected.
Start	Select the start date and time from when you want to filter. By default, this option is disabled. To enable it, click on the check option. After enabling, you can select the date by clicking V.
End	Select the end date and time till when you want to filter. By default, this option is disabled. To enable it, click on the check. After enabling, you can select the date by clicking V.
Find	When you click on this option, the system will search for all events matching the specified criteria.
Event Category	Event category option will be displayed only when Event Category option is selected from filter drop down.For User Name option Username field will be displayed and for Event ID option Event ID field will be displayed.

As soon as you click on “Find” the result will be displayed as shown below.

The system allows you to perform following actions upon the event details.
- Export to PDF
- Clear log entries
- Add Event Description
- Edit Event Description
- Refresh: This option allows you to refresh the contents, once you click on this option any new event will be appended to existing list.

9.4.1 Add New Events

Visual Guard allows you to add a new event to existing list of events

In order to add a new event follow the steps mentioned below:

Access the events for the selected Application by clicking on Event Viewer option.
Click on “Add/Edit Event description…” (A) at the extreme right of the Event Log screen.

The Add/Edit Event Description screen will be displayed.

In order to add a new id and description click on the “Add New Custom Event “ (B) and enter the new id and description.

Enter the new event id and the description.
Once you enter the id and the description, “OK” will be enabled (D).
Click on “OK” to save the event, otherwise click on “Cancel” to cancel saving the event.
Note*: The event id will be generated automatically even if the Event id is not entered by you.

The new added Event will be stored and displayed in the event list (E).

You can remove the event using “Remove” .

Note: You cannot remove the pre-defined events. You can only delete the customized event that are not created by the system.

See Also:

9.4.2 Export to PDF

Visual Guard allows you to export the event details to PDF.

Follow the steps mentioned below to export report to PDF.

Access the events for the selected application by clicking on Event Viewer option.
To view the of log of events of specific date, select the date and click on “Find” .
To view all the events, click directly on “Find” .
Select the event and click on the Export to PDF option (A) from the bottom of the Event Log screen.

A Generate PDF report window will be displayed.

Select the PDF options and click on “OK”. You can cancel the operation by clicking on “Cancel” .

See Also:

9.4.3 Clear Log

Visual Guard allows you to clear the event log

Note: From the next version onwards i.e. (2.8), it will not possible to select “Event older than” for repository type = File

Follow the steps below to clear the log

Access the events for the selected application by clicking on Event Viewer option.
Click on “Clear log entries” (A) at the extreme right of the Event Log screen.

The Clear log screen will be displayed.

Using this screen, you can select the criteria for clearing event log. You can select a single value only.
“Events older than” option allows you to select criteria before which all events will be deleted. You can also clear the complete event log by selecting “All events” option.
Click on “OK” to accept the selection. You can cancel the operation by clicking on “Cancel” .
You will be asked for confirmation before clearance.

Click on “Yes” to continue the clearing the logs or click on “No” to cancel.

See Also:

9.4.4 Edit Event

Visual Guard allows you to edit event descriptions

You can edit the description of the events using the below steps

Access the events for the selected application by clicking on Event Viewer option.
Click on the “Add/Edit Event Description” (A) at the extreme right of the Event Log screen

The Add/Edit Event Description screen will be displayed.

You can select an event from the list of events (B) to edit the description.
As soon as you select the event to be edited, the description of the selected event (C) will be displayed.

You can edit the selected event’s description using the Description field.

Note :The event id of the pre-defined events will be uneditable. So you will not be able to modify the event ids of the events. You can modify the event ids of the customized events only.

As soon as you edit the description, “Save” will be enabled (D) as shown below.

After the description is changed, you can click on “Save” to save it.
You can undo the changes using “Reset” .
You can also add a new event using this screen. Click here for more details

See Also:

9.5 Deployment

Application deployment in Visual Guard refers to the process of deploying security configurations, such as roles, permissions, and user profiles, to specific applications or systems within an environment. This deployment ensures that security settings are applied effectively to the target applications, enabling consistent access control and enforcing security policies.

Below are the steps of how we can deploy an application

Step 1: Right click on the application and click on Deploy application.

Step 2: Once the setup shows up click on Next

Step 3: Select the option of either Export data in a deployment configuration file or Deploy in an exisiting repository, Click Next after selection

Step 4: Choose the Overwrite option and Deployment mode from the dropdown list provided, Click Next after selection

Step 5: Click on the Finish button to complete the deployment.

Note: You will be asked to provide a path to where the configuration file should be saved.

Deploy Repository

9.6 Monitoring

This feature allows to monitor the occurrences of important events for specified time intervals for selected application in user friendly graphical format, follow the steps below:
Log in to the Repository.
Click on the Repository Name and click on “+” besides Application
Click on Monitoring (A) .

See Also:

Attendance Hours
Historical Data
Real time data

9.7 Manage Permission

Visual Guard allows you to create new permission for restricting user or allowing them access.

Note: You will be allowed to create the permissions only if you have been assigned the privilege. Refer special roles section for more details on privilege.

Follow the steps below to create a permission:

Access the New Permission using one of the options below:
- Right click on the Repository > Application > Permissions and select the New Permission menu (A).

- Right click on the Repository > Application (B) and select the New Permission menu.

- Select the Repository > Application from the Left Navigation Panel and select New Permission menu from the Action menu (C ).
The new permission will be created under the Permissions folder as shown below:

As the new permission is created, it will be in editable mode for renaming (A). You can rename the new permission.
The renamed permission will be displayed as shown below:

9.8 Manage Permission Set

A Permission Set stores the set of rules to access a particular application.

Note: You will only be allowed to create the permission set if you have been assigned the privilege. Refer special roles section for more details on privileges.

Follow the steps below to create a Permission Set:

Access the New Permission Set using one of the options below:
- Right click on the Repository > Application> Permission Set from the Left Navigation Panel and select the New Permission Set menu (A) from the popup menu.

- Right click on the Repository > Application (B) and select the New Permission Set menu.

- Select the Repository > Application> Permission Set from the Left Navigation Panel and select New Permission Set menu from the Action menu (C ).
The new permission set will be created under the Permission sets folder as shown below:

Once the new permission set is created you can rename it (A). For example Special Permission Set.
The renamed permission set will be displayed as shown below:

See Also:

Grant Permission List
Grant permission Set List

9.9 Manage Roles

Visual Guard allows you to create new role for restricting user or allowing them access.

Note: You will be allowed to create the permissions only if you have been assigned the privilege. Refer special roles section for more details on privilege

You can assign a Permission Set directly to a role by drag & and drop
You can directly revoke a Permission Set by selecting it and pressing the delete key

Follow the steps below to create a role:

Access the New Role option using one of the options below:
- Right click on the Application > Roles and select the New Role menu (A) from the popup menu.

- Right click on the Repository > Application (B) and select the New Role menu.

- Select the Repository> Application> Roles from the Left Navigation Panel and select the New Role menu from the Action menu (C).
The new role will be created under the Roles folder as shown below:

As the new role is created, it will be in editable mode for renaming (D). You can rename the new role.
The renamed role will be displayed as shown below:

See Also:

9.10 Settings

9.10.1 MFA Policy

An MFA policy refers to the set of rules and guidelines that dictate how Multi-Factor Authentication (MFA) is implemented within that specific application. This policy determines when and how users are required to provide additional verification, beyond just a password, to authenticate their identity.

Step 1: Click on the Application –> you will see the page with details of the application.

Step 2: On the bottom left corner, you will see the Edit MFA Policy link.

Step 3: Fill in the required details.

Select the type of method you are opting for the security under preferences information.
- OTP via email or phone
- Secure link via email or phone

The number of Grace logins (allows users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements) you would like to provide.

Provide the setting required under Session scope information
- Scope: choose where you want the setting to reflect either under the whole Repository or specific Application
- Duration: You can mention the time till when you want this feature to be active till
In case you want to allow a user to use the application even if MFA is not enabled click Allow on the other information section.

MFA – Multifactor Authentication

9.10.2 Application Attribute

How to use the Application Attribute functionality

Step 1: Click on the Application and on the right side bottom click on Manage Application Attribute

Step 2: Click on the Add New icon on the right bottom

Step 3: Enter the additional property/information that you want the add and click Ok to save the update

Step 4: Once you enter the property, you can also add the value below and save it.

Application Attribute

9.10.3 Identity Clients

One application can have multiples identity clients for each you can different options:

Identity ressources
Allowed redirect Uris
Post logout Uris
Allowed cors origins
etc..

How to create Identity Server

9.10.4 Create Identity Client

How to create a new Identity client

Step 1: Begin by opening the VGRepository using an account that has the Master Admin Role.

Step 2: Select the application you wish to configure ‘1‘, click on the option labeled “Configure Identity Client for Application” ‘2‘, click on New Platform to select the type of configuration’ ‘3’ you prefer

Step 3: Click on the Pen icon to view further features and edit the configuration

Primary Information: Essential data or key details that are fundamental to understanding the application.

Identity Resources: Components in configuring and enforcing authentication and authorization policies within the Visual Guard system.

URI Information: Refers to Uniform Resource Identifiers (URIs), which are strings of characters used to identify a resource, typically on the internet.

CORS: Refers to Cross-Origin Resource Sharing (CORS), which is a mechanism that allows resources on a web page to be requested from another domain outside the domain from which the resource originated.

Grant Types: This refers to the different methods or protocols used for obtaining access tokens or permissions in a system. Common grant types include Authorization Code Grant

Secret Keys: This is a piece of confidential information, typically a long string of characters, used for cryptographic purposes, such as encrypting and decrypting data, or for authenticating communication between parties.

Note: Make sure to click on Save everytime you make any edits, so that the update is reflected further.

9.11 Other

9.11.1 Rename an Application

The Name indicates the name of the application that is being integrated.

To modify the Name, follow the steps below:

Select a Repository > Application from the Left Navigation Panel.
The application details of the selected application will be displayed as shown below.

Modify the Name using one of the options below:
- Right-click on the application name in the Left Navigation Panel and select the Rename menu (A).

- Select the Rename menu from the Action menu (B).

- Click on the Name from the Right Navigation Panel (C).

- Press F2 after selecting the application name.
Enter the new name. The name should be unique.
Once you update the name, the updated details will be displayed as shown below:

9.11.2 Remove an Application

Visual Guard allows you to remove the applications that have been integrated with it.

Note:

- Once deleted from the repository you cannot use the application. You will have to delete all reference to Visual Guard from the application.
- In case you remove an application it will no longer be available.

Follow the steps below to delete the application integrated with the Visual Guard.

Select the Repository > Application from the Left Navigation Panel.
The application detail of the selected application will be displayed as shown below.

Delete the integrated application using one of the options below:
- Right-click on the Application from the Left Navigation and select the Remove option from the menu

- Select the Remove option from the Action menu.
You will be asked for confirmation before the application is removed from the repository.

Enter the confirmation code displayed on the confirmation screen. Click “OK” to delete the application.
You can Cancel the operation by clicking “Cancel” .
The application will be removed from the list of integrated application.

9.11.3 Check Security Actions

Visual Guard allows you to check security actions for the applications integrated with it. Using this option you can check whether created actions are valid or not.

To check security actions follow the steps below:

Select the Repository > Application from the Left Navigation Panel.
The details of the selected application will be displayed as shown below.

Access the Check security actions menu using any of the options below:
- Right click on the application name and select the Check security actions menu (A) from the popup menu.

- Select the application name from the Left Navigation Panel and select the Check security actions menu from the Action menu (B).
A message will be displayed stating whether actions created for the application are valid or not.
If the actions are valid, following screen will be displayed.

If the actions are invalid an appropriate error message will be displayed in the Log view as shown below.

10. Application Role

Visual Guard allows you to manage the Roles of the application.

Visual Guard allows you to perform following actions

10.1 Duplicate

Visual guard allows you to duplicate a Role within your system that mirrors an existing shared role, duplicating all similar permissions and responsibilities.

Note: This feature is exclusively available in VG 2024 and later versions.

Below are the steps to follow to duplicate an existing shared role.

Step 1: Open your application –> Go to Roles –> select Role –> select Duplicate Role

Step 2: Enter the Role Name, check the selected items, if they all apply to your requirement then click on Ok, if not then make the necessary amendments.

You can choose to grant the below;

Grant to User : You have the option to choose if this duplicated role should be granted to the user with or without identitcal users of the current role
Grant to Group: You have the option to choose if this duplicated role should be granted to the group with or without identitcal groups of the current role
Identical PersmissionSets: You can assign the PermissionSets to the role, these permission sets will be configured similarly across different roles or users, providing consistent access control within the system.
Identical Permissions: You can assign the Permission to the role, these permissions may be configured similarly across different roles or users, providing consistent access control within the system.
Identical Profile: Once you check this then the role profile details will be duplicated as well

10.2 Create Application Roles

Visual Guard allows you to create new role for restricting user or allowing them access.

Note: You will be allowed to create the permissions only if you have been assigned the privilege. Refer special roles section for more details on privilege

- You can assign a Permission Set directly to a role by drag & and drop
- You can directly revoke a Permission Set by selecting it and pressing the delete key

Follow the steps below to create a role:

Access the New Role option using one of the options below:
- Right click on the Application > Roles and select the New Role menu (A) from the popup menu.

- Right click on the Repository > Application (B) and select the New Role menu.

- Select the Repository> Application> Roles from the Left Navigation Panel and select the New Role menu from the Action menu (C).
The new role will be created under the Roles folder as shown below:

As the new role is created, it will be in editable mode for renaming (D). You can rename the new role.
The renamed role will be displayed as shown below:

See Also:

10.3 Modify Permissions

Visual Guard allows you to edit the permission assigned to the role.

To edit the permission follow the steps below:

Note: Besides using the below method to edit the Permission you can use the following shortcut methods to grant, revoke a permission

- By double clicking on the permission you can Grant/ Revoke a permission.
- You can assign a permission directly to a role by drag & and drop
- You can directly revoke a permission by selecting it and pressing the delete key
- You can also remove a permission by right clicking on the permission name and selecting Remove menu from the popup menu
Select the Repository > Application > Roles > Role name from the Left Navigation Panel.
The details of the selected role will be displayed.

Access the Edit Permission List menu using any of the following options:
- Right click on the role name and select the Edit Permission List menu (A) from the popup menu.

- Select the role name from the Left Navigation Panel and select the Edit Permission List menu from the Action menu (B).

- Select the Permission from the Right Navigation Panel (C). Click “…” provided beside the Grant Permissions.
A Grant permission screen will be displayed.

Select the permission from the List of permission (D) that need to be granted. By default the first permission will be selected.
A Role can be granted a single permission only. Click “-> Grant” .
The granted permission will be displayed in Current granted permission (E).

Once permission is added to the Current granted permission, “<- Revoke” will be enabled.
You can remove the permission by selecting the permission from the Current granted permission (E).
After granting the permission , click “OK” to save the changes or click “Cancel” to cancel the changes.

See Also:

10.4 Modify Role

Visual Guard allows you to view the Role Details and manage the assigned groups and users.

Follow the steps below to view Role details:

Login to the Repository and select the application of which the Roles are to be viewed.
Click on “+” icon of Roles option available in Left Panel. List of Roles created under the selected application will be visible (A).

Select the Role from left panel which is to be modified.
The details of Role will be displayed in right panel (B) as shown below.

Following options will be available to you :

See Also:

10.4.1 View Role Details

Visual Guard allows you to create roles and manage users and groups assigned to the role

To view role related details follow the steps below:

Select the Repository > Application > Roles > Role Name from the Left Navigation Panel.
Role Details will be displayed. Select the Role Tab (A).

You can view following Role details using this module:

Field	Description
Note:	The details of Membership Manager Role cannot be Modified
Name	The role name displays the name of the role. Select the name to modify it. Please click here (missing link) for more details.
Permission Set	This option displays the names of permission sets associated with the role. Please click here (missing link) for more details on how to modify the Permission Sets of Role.You will not be able to modify the permission set for Membership role
Description	This option displays the Details of the Role. Select the Description to modify it.
Last Modification	This option displays the date on which the role was last modified.
Id	This option displays the unique identifier assigned to the role.

See Also:

View & Revoke Granted Users
View Ganted Groups

10.4.2 View & assign users

Visual Guard allows you to create roles and manage users and groups assigned to the role

To view and edit the list of users that have been assigned the selected role follow the steps below:

Note:

- You can also modify user details using Role Tab

Select the Repository > Application name > Roles > Role name from the Left Navigation Panel.
The details of the selected role will be displayed.
The details will be displayed in Role tab (A) as shown below.

Select the Granted Users Tab (B).

The list of all users to whom the role has been currently assigned will be displayed.

Note :

- Using above screen, you can only view the list of the users assigned to the Role
- You can click on the name of the user to Modify the User Details. You will not be able to Modify the “Roles” of the user from this “Edit User Details” Screen.
The list of Users is displayed in a form of a Grid.
Now, Select User. Click here to know more about Selecting User (missing link).
The list of Users is displayed in a form of a Grid. You can perform following actions on the user: (missing link)
- Grant role to users
- Revoke role from users

GRANT ROLE TO USERS

When you select option “Grant role to users” you are provided with a screen to select users to whom the role is to be assigned.

Once the users are successfully assigned to the Group, below message will appear

REVOKE ROLE FROM USERS

As soon as the user is selected, “revoke role from users” will be activated.

Note: Using the above screen, you can only revoke the roles assigned to the user. The user can be assigned the roles using User module.

As soon as you click on “revoke role from users” , you will be asked for the confirmation.

Click “YES” to save the users or click “No” to discard the action.
The assignment between the Role and the selected users will be removed.

See Also: (missing link)

View Role Details
View Granted Groups

10.4.3 View & granted groups

Visual Guard allows you to create roles and manage users and groups assigned to the role

To view the list of groups that have been assigned to the selected role follow the steps below:

Select the Repository > Application>Roles> Role name from the Left Navigation Panel.
The details of the selected role will be displayed.
The details will be displayed in Role tab (A) as shown below.

Select the Granted Groups Tab (B).

The list of all groups that have been assigned the role will be displayed.

You can only view the assigned groups.
You can modify the groups using groups option provided in the left navigation panel.

See Also:

10.5 Modify Permission Set

Visual Guard allows you to edit the permission set assigned to the role.

To edit the permission set follow the steps below:

Note: Besides using the below method to edit the Permission Set you can use the following shortcut methods to grant, revoke a permission set

- By double clicking on the permission set you can Grant/ Revoke a permission set.
- You can assign a permission set directly to a role by drag & and drop
- You can directly revoke a permission set by selecting it and pressing the delete key
- You can also remove a permission set by right clicking on the permission set name and selecting Remove menu from the popup menu
Select the Repository > Application > Roles > Role name from the Left Navigation Panel.
The details of the selected role will be displayed.

Access the Edit Permission Sets menu using any of the following options:
- Right click on the role name and select the Edit Permission Sets menu (A) from the popup menu.

- Select the role name from the Left Navigation Panel and select the Edit Permission Sets menu from the Action menu (B).

- Select the Permission Set from the Right Navigation Panel (C). Click “…” provided beside the Permission Set.
A Grant permission sets screen will be displayed.

Select the permission set from the List of permission sets (D) that need to be granted. By default the first permission set will be selected.
A Role can be granted a single permission set only. Click “-> Grant” .
The granted permission set will be displayed in Current granted permission sets (E).

Once permission set is added to the Current granted permission sets, “<- revoke” will be enabled.
You can remove the permission set by selecting the permission set from the Current granted permission sets (E).
After granting the permission sets, click “OK” to save the changes or click “Cancel” to cancel the changes.

See Also:

10.6 Rename Role

Visual Guard allows you to rename the roles.

To rename the role, follow the steps below:

Select the Repository > Application name > Roles > Role name from the Left Navigation Panel.
The detail of the selected role will be displayed.

Access the Rename menu using any of the following options:
- Right click on the role name and select the Rename menu (A) from the popup menu.

- Select the role name from the Left Navigation Panel and select the Rename menu from the Action menu (B).

- Select the role name from the Right Navigation Panel (C).
Enter the role name. The role name should be unique.
Once you update the name, the updated details will be displayed as shown below.

See Also:

10.7 Remove Role

Visual Guard allows you to remove the created role.

Note: You can also Remove a Role by selecting it and pressing the delete Key

To remove the role, follow the steps below:

Select the Repository > Application > Roles > Role name from the Left Navigation Panel.
The detail of the selected role name will be displayed.

Access the Remove menu using any of the following options:
- Right click on the role name and select the Remove menu (A) from the popup menu.

- Select the role name from the Left Navigation Panel and select Remove menu from the Action menu (B).
A Delete Confirmation screen will be displayed.

Click “YES” to continue the deletion or click “NO” to cancel the deletion.
The role will be removed from the list of roles.

See Also:

11. Permission sets

Visual Guard provides authorization features to make permissions management easier.

You can create two types of permissions:

Static permissions: This type of permissions are coded into your application, and Visual Guard can test if a user has a role or a permission before giving access to an item.

Static permissions support any technology and can be used with VG runtime or VG server.

Dynamic permissions: They are not coded. They are defined using a specific wizard in the console. They can be created and enforced during production time, without recompiling the application.

They support any kind of .Net objects: GUI or non visual objects, objects managing the access to the database…

Dynamic permissions require the use of the Visual Guard runtime.

You can use both type of permissions in one repository.

VG Win Console provides various options to manage permissions.

11.1 Modify

Visual Guard allows you to modify the details of the current permission set.

Note: You will be allowed to modify the details only if you have been assigned the privilege. Refer roles section for more details on privilege.

To modify the details follow the steps below:

Select the Repository > Application > Permission set > Permission set name from the Left Navigation Panel.
The details of the selected permission set will be displayed on the Right Navigation Panel (A) as shown below.

You can modify the following details using this module.

Field	Description
	This section explains about all the editable fields
Name	The name displays the name of the permission set. Select the name to modify it. Please click here for more details.
Description	This option displays a short description of the permission set. Select the description to modify it. Please click here for more details.
Roles	The role displays the roles assigned of the permission set. Select the role name and click on the … to modify it. Please click here for more details.
Granted permissions	The Granted permissions displays the list of permissions granted to the permission set. Select the permission name and click on the … to modify it. Please click here for more details.
Granted Permission Sets	The Granted Permission Sets displays the list of permission sets granted to the permission set. Select the permission set name and click on the … to modify it. Please click here for more details.
	This section explains about the fields that will not be available for editing.
Last Modification	This option displays the date on which the permission set was last modified.
Id	This option displays the unique identifier assigned to the permission set.

11.2 Creating

A Permission Set stores the set of rules to access a particular application.
Note: You will only be allowed to create the permission set if you have been assigned the privilege.

Refer special roles (missing links) section for more details on privileges.

Follow the steps below to create a Permission Set:

Access the New Permission Set using one of the options below:
- Right click on the Repository > Application> Permission Set from the Left Navigation Panel and select the New Permission Set menu (A) from the popup menu.

- Right click on the Repository > Application (B) and select the New Permission Set menu.

- Select the Repository > Application> Permission Set from the Left Navigation Panel and select New Permission Set menu from the Action menu (C ).
The new permission set will be created under the Permission sets folder as shown below:

Once the new permission set is created you can rename it (A). For example Special Permission Set.
The renamed permission set will be displayed as shown below:

See Also: (missing links)

Grant Permission List
Grant permission Set List

11.3 Description

Visual Guard allows you to modify description related to the permission set.

To modify the description follow the steps below:

Select the Repository > Application > Permission Set > Permission set name from the Left Navigation Panel.
The details of the selected permission set will be displayed as shown below.

Click on the Description menu (A) from the Right Navigation Panel.
Enter the new Description. The new Description will be stored automatically.

11.4 Duplicating

Visual Guard allows you to duplicate the created permission set.

To duplicate the permission set, follow the steps below:

Select the Repository > Application > Permission Set > Permission set name from the Left Navigation Panel.
The selected permission set details will be displayed.

Access the Duplicate menu using any of the following options:
- Right click on the permission set name and select the Duplicate menu item (A) from the popup menu.

- Select the permission set name from the Left Navigation Panel and select the Duplicate menu item from the Action menu (B).

- Select the permission set name and press Ctrl + D
The permission set will be duplicated as shown below.

11.5 Edit Role List

Visual Guard allows you to modify the roles associated with a permission set.

To modify roles follow the steps below:

Select the Repository > Application > Permission Set > Permission set name from the Left Navigation Panel.
The detail of the selected permission set will be displayed as shown below.

Click on the Roles (A) option on the Right Navigation Panel. Click “…” that appears at the end.
A Select roles of ‘permission set name’ screen will be displayed. For example in current scenario the screen name is “Select roles of Full Trust permissions”.

Select the role that needs to be granted from list of roles (A).
User can grant multiple roles at a time. Once role (B) is selected Grant (C) will be enabled.

Click “-> Grant” , the granted role will be displayed in Current roles section (D).

You can remove the role by selecting the role from Current roles list. You can revoke multiple roles at a time.
Click “<- Revoke” to remove the role. The removed role will again be available in List of roles (E).

Click “OK” to save the roles or click “Cancel” to discard the changes.
Once the user saves the details, they will be displayed as shown below:

11.6 Edit Permission List

This module allows you to grant or revoke list of permissions assigned to a permission set.

To grant or revoke list of permissions to a permission set follow the steps below:

Note: In addition to the below option you can also assign a permission to a permission set by directly dragging and dropping the permission to the permission set.

Select the Repository > Application > Permission Set> Permission set name from the Left Navigation Panel.
The selected permission set details will be displayed.

You can access the Edit permissions list menu using one of the following options:
- Right click on the permission set name and select the Edit permission list menu (A) from the popup menu.

- Select the permission set name from the Left Navigation Panel and select Edit permission list menu from the Action menu (B).

Select the Granted Permissions option from the Right Navigation Panel (C).

Select the permission set name and press Ctrl + G
“Change Permissions of Permission Set Name” screen will be displayed. For example here the screen name is Change Permission of Full trust permissions.

Select the permission that needs to be granted from list of permissions (A).
You can grant a single permission at a time. Once permission (A) is selected, Grant (B) will be enabled.

Click ” -> Grant” , the granted permission will be displayed in Current granted permissions section (C).

User can remove the permission by selecting the permission from Current granted permission list.
Click “<- Revoke” to remove the permission. The removed permission will again be available in List of permissions (D).

Click “OK” to save the permissions or click “Cancel” to discard the changes.
Once you save the details, the list of Granted permissions will be updated.

11.7 Edit Permission Set List

This module allows you to grant or revoke list of permissions set associated with the selected permission set.

To grant or revoke list of permissions sets to a permission set follow the steps below:

Note: Besides the below option you can assign a permission set to a permission set by directly dragging and dropping the selected permission set to the permission set.

Select the Repository > Application > Permission Set> Permission set name from the Left Navigation Panel.

The selected permission set details will be displayed.

You can access the Edit permissions set list menu using one of the following options:
- Right click on the permission set name and select the Edit permission set list menu (A) from the popup menu.

- Select the permission set name from the Left Navigation Panel and select Edit permission set list menu from the Action menu (B).

- Select the Granted Permissions Sets option from the Right Navigation Panel (C).

- Select the permission set name and press Ctrl + S.
“Select the set of sub permissions sets for Permission Set Name” screen will be displayed. For example here the screen name is Select the set of sub permissions sets for “UK Sales team permissions.”

Select the permission set that needs to be granted from list of permissions sets (A).
You can grant multiple permission set at a time. Once permission set (A) is selected, Grant (B) will be enabled.

Click “-> Grant” , the granted permission set will be displayed in Current granted permission sets section (C).

User can remove the permission set by selecting the permission set from Current granted permission list. You can revoke multiple permission set at a time.
Click “<- Revoke” to remove the permission set. The removed permission set will again be available in List of permission sets (D).

Click “OK” to save the permission sets or click “Cancel” to discard the changes.
Once you save the details, the list of Granted permission sets would be updated.

11.8 Rename

Visual Guard allows you to rename the permission set.

To rename the permission set, follow the steps below:

Select the Repository > Application name > Permissions Set> Permission Set name from the Left Navigation Panel.
The details of the selected permission set will be displayed.

You can access the Rename menu using one of the following options:
- Right click on the permission set name and select the Rename menu (A) from the popup menu.

- Select the permission set name from the Left Navigation Panel and select Rename menu from the Action menu (B).

- Select the permission set name from the Right Navigation Panel (C).
Enter the permission set name. The permission set name should be unique.
Once you update the name, the updated details will be displayed as shown below.

11.9 Remove

Visual Guard allows you to remove the created permission set.

To remove the permission set, follow the steps below:

Select the Repository > Application > Permission Set> Permission set name from the Left Navigation Panel.
The detail of the selected permission set will be displayed.

Access the Remove menu using any of the following options:
- Right click on the permission set name and select the Remove menu (A) from the popup menu.

Select the permission set name from the Left Navigation Panel and select Remove menu from the Action menu (B).

Select the permission and press Delete key.
A Delete Confirmation screen will be displayed.

Click “Yes” to continue the deletion or click “NO” to cancel the deletion.
The permission set will be removed from the list.

12. Permissions

Visual Guard provides authorization features to make permissions management easier.

You can create two types of permissions:

Static permissions: This type of permissions are coded into your application, and Visual Guard can test if a user has a role or a permission before giving access to an item.

Static permissions support any technology and can be used with VG runtime or VG server.

Dynamic permissions: They are not coded. They are defined using a specific wizard in the console. They can be created and enforced during production time, without recompiling the application.

They support any kind of .Net objects: GUI or non visual objects, objects managing the access to the database… Dynamic permissions require the use of the Visual Guard runtime.

You can use both type of permissions in one repository.

VG Win Console provides various options to manage permissions. (all missing links)

12.1 Remove

Visual Guard allows you to remove the created permission.

To remove the permission, follow the steps below:

Select the Repository > Application > Permission > Permission name from the Left Navigation Panel.
The detail of the selected permission name will be displayed.

Access the Remove menu using any of the following options:
- Right click on the permission name and select the Remove menu (A) from the popup menu.

- Select the permission name from the Left Navigation Panel and select Remove menu from the Action menu (B).

- Select the permission and press Delete key.
A Delete Confirmation screen will be displayed.

Click “yes” to continue the deletion or click “No” to cancel the deletion.
The permission will be removed from the list of permissions.

12.2 Duplicate

Visual Guard allows you to duplicate the created permission.

Please Note: When you duplicate a permission it will automatically duplicate the Property / Action script created under the duplicated Permission.

To duplicate the permission follow the steps below:

Select the Repository > Application > Permission > Permission name from the Left Navigation Panel.

The details of the selected permission name will be displayed.

Access the Duplicate menu using any of the following options:
Right click on the permission name and select the Duplicate menu item (A) from the popup menu.

Select the permission name from the Left Navigation Panel and select the Duplicate menu item from the Action menu (B).
The permission will be duplicated as shown below.

12.3 Editing Argument List

To edit argument list follow the steps below:

Select the Repository > Application > Permissions > Permission name.
The details of the selected permission name will be displayed as shown below.

Access the Edit argument list menu using any of the following options:
- Right click on the permission name and select the Edit argument list menu (A) from the popup menu.

- Select the permission name from the Left Navigation Panel and select the Edit argument list menu from the Action menu (B).
An Edit argument list window will be displayed.

A new argument will be by default created (D).
The detail of the new argument is shown on the right (E).
You can add a new argument by clicking “Add“ (F).
Click on the Type from the right (G), “V” will appear at the end.
Click “V” and select the type of your argument from the given list.

Click on the Name from the right (H) to change the name of the argument.

You can enter a new argument name. The new argument name will be saved automatically.

Select the Description from the right side (I) and enter the description of the argument.

The description will be stored automatically and displayed as shown below.

Select the Default value from the right (J) and enter the default value for the argument.

The entered default value will be stored automatically and displayed as shown below.

Click “OK” to save the created argument or click “cancel” to cancel the creation.
On clicking “OK” the argument will be saved and displayed as shown below.

12.4 Creating a Permission Folder

New Folder option allows you to add a new folder.

To add a new folder, follow the steps below:

Select the Repository > Application name > Permissions from the Left Navigation Panel.
The detail of the permission under the repository will be displayed.

You can access the New Folder menu using any of the following options:
- Right click on the permission folder and select the New Folder menu (A) from the popup menu.

- Select the permission folder from the Left Navigation Panel and select New Folder menu from the Action menu (B).
Enter the new folder name. The folder name should be unique.
The new folder will be added as a sub folder under the selected option.

Once a new folder is created you can group permissions under the new folder.
You can either create a new permission or drag or drop existing permission in the folder.
In case you drag and drop permission from some existing folder it will be removed from existing folder and replaced in the new folder.

12.5 Properties Actions for .NET

Properties Action allows you to define permission based on the object properties. The objects can be derived from form, master page, page etc.

Follow the steps below to add Properties Action to the permission:

Select the Repository > Application > Permission and select the permission under which the properties action is to be created.

Access the New Properties Action using one of the options below:
- Select the permission from the Left Navigation Panel and select the New Properties Action from the Action menu (A).

- Right click on the permission and select the New Properties Action (B) menu from the popup menu.
The Security action creation wizard screen will be displayed.

The screen will display the objects derived from the application.
By default the screen will display the list of all forms,pages, Master pages, classes etc. The secured components will be invisible to you. Secured types are those that are protected using VGISecurable interface.
Visual Guard provides you a Show all types option that will display securable components if Show all types is selected.
You can expand and select any of the objects to set the security action as shown below.

For example in this screen AddNewUser (A) is selected.
Once you select the object “next >” will be enabled (B). Click on “next >” to indicate when the next step will be executed.

Click “Select Event…” to select any particular event from the object. Click here to know more.
You can also specify a condition by selecting the Condition checkbox (A). Click here for more information on conditions.

Click “next >” to proceed to the next step.

The screen will display the component list (C) for selected objects. You can apply filter to the component list.
Once you select a specific component from (C), the associated properties will also be displayed on the right side (D).

For example the event selected here is the cancel button of the object (E), its properties will be listed on the right (F)
You can change the properties of the selected cancel button. For example (G) the Enabled property of the cancel button is set to False.

After changing the desired properties, click “Finish” . The security action will be saved (I) and displayed as shown below.

See Also:

Script Action

12.5.1 Viewing Details

Visual Guard allows you to view the details summary of the action.

Follow the steps below to view action details.

Access the action using the path Repository> Application>Permission>Permission Name>Property Action
The details will be displayed as shown below.

All the details will be displayed in read only mode:

Field	Description
Name	This option displays the short name of the action
Target	This option displays the target for which the action will run.
Description	This option displays a short description related to the action. The description will also be displayed in bottom panel in right hand side panel.
Event	This option displays the event name after which the action will be executed
Condition	This option displays the condition when the expression will be executed.
Id	This option displays the unique identifier assigned to the action. This value will remain unaffected even when a new version of the application is created.

12.5.2 Removing

Visual Guard allows you to remove the created property/ script/ powerbuilder action.

Please Note: The powerbuilder action for permission will be available only if you select PowerBuilder Application.

To remove the property/ script action, follow the steps below:

Select the Repository > Application > Permission > Permission name > Property/Script/Powerbuilder Action from the Left Navigation Panel.
The details of the selected action will be displayed.

Access the Remove menu using any of the following options:
Right click on the property/ script/ powerbuilder action and select the Remove menu (A) from the popup menu.

Select the property/ script/ powerbuilder action from the Left Navigation Panel and select Remove menu from the Action menu (B).

Select the property/script/powerbuilder action and press Delete key.
A Delete Confirmation screen will be displayed.

Click “Yes” to continue the deletion or click “No” to cancel the deletion.
The property / script / powerbuilder action will be removed from the list of permissions highlighted below.

12.5.3 Editing

You can edit existing properties action by following the steps below:

Select the permission that needs to be modified using the path Repository > Application > Permission> Action

Access the Edit Properties screen using one of the options below:
Select the action from the Left Navigation Panel and select the Edit from the Action menu (A).

Right click on the action and select the Edit (B) menu from the popup menu.
The Security action wizard screen will be displayed showing the list of all components.

You can modify the associated expressions and update the Property action.
After editing the expression, click “Finish” . The security action will be saved and displayed as shown below.

12.5.4 Checking

Visual Guard allows you to check security actions for the created permissions. With this you can check whether created actions for the permission are valid or not.

Please Note: In case the user selects Check Security Actions option using the permission then the system will check the security action for all actions under the selected permission. Else the security will be checked only for the selected individual action.

To check security actions follow the steps below:

Select the Repository > Application > Permissions > Permission name from the Left Navigation Panel.
The details of the selected permission will be displayed as shown below.

Access the Check security actions menu using any of the options below:
- Right click on the permission name and select the Check security actions menu (A) from the popup menu.

- Select the permission name from the Left Navigation Panel and select the Check security actions menu from the Action menu (B).
A message will be displayed stating whether the actions created for the permission are valid or not.
If the actions are valid, following screen will be displayed.

If the actions are not valid error message will be displayed in the Log view as shown below.

12.5.5 Duplicating

Visual Guard allows you to duplicate the created property/script action.

To duplicate the property / script action follow the steps below:

Select the Repository > Application > Permission > Permission name > Property/Script action from the Left Navigation Panel.
The details of the selected property/script action will be displayed.

Access the Duplicate menu using any of the following options:
- Right click on the property/script action and select the Duplicate menu item (A) from the popup menu.

- Select the property/script action from the Left Navigation Panel and select the Duplicate menu item from the Action menu (B).
The property/script action will be duplicated as shown below.

12.5.6 Wizard

Visual Guard allows you to create Property and Script action for a permission.

Visual Guard also provides a Security Action wizard that allows you to manage the expressions associated with the Properties or Script actions.

Visual Guard provides you with following options to manage the expressions:

You can also perform following actions using Security action wizard:

Filter	You can filter the objects using one or all of the options Only Components Internal (Shared) Members Private Members Properties Fields By default all the options will be selected.
Categorized/ Alphabetical	This option allows you to sort the properties list by category or alphabetically. You can select single option only.
Show only modified properties	You can filter the properties by the properties that have been modified at present. By Default all properties will be displayed.

12.6 Script Actions for .NET

Script Action allows you to dynamically execute a script in your application. This type of action enables you to execute a script defined in the Visual Guard console when permission is granted to a user. The scripts will be dynamically compiled at runtime when the security is loaded for a user.

Follow the steps below to add Script Action to the permission:

Select the Repository > Application > Permission and select the permission under which the script action is to be created.

Access the New Script Action using one of the options below:
- Right click on the permission and select the New Script Action (A) from the popup menu.

- Select the permission from the Left Navigation Panel and select the New Script Action from the Action menu (B).
The Security action creating wizard screen will be displayed as shown below:

The above screen displays the objects derived from the application.
By default the screen will display the list of all forms, pages, Master pages, classes etc. The secured components will be invisible to you. Secured types are those that are protected using VGISecurable interface.
Visual Guard provides you Show all types option that will display securable components if Show all types is selected.
You can expand and select any of the objects to set the security action as shown below.

For example In this screen AddNewUser (A) is selected.
Once objects are selected “Next >” will be enabled (B). Click “Next >” to go to the next step.

Click “Select Event…” to select any particular event from the object. Click here (missing link) to know more.
The Condition checkbox (A) will be disabled in this action.
Click “next>” to proceed. The screen below will be displayed.

You can enter your code here (C). The code language depend of the language in which the application is created (c# or VB.Net)
For example the code entered in the below screen is MessageBox.Show (“Test”).

After entering the code click “Finish” . The security action will be saved (E) and displayed as shown below.

See Also:

Properties Action

12.6.1 Viewing Details

Visual Guard allows you to view the details summary of the action.

Follow the steps below to view action details.

Access the action using the path Repository> Application>Permission>Permission Name>Script Action
The details will be displayed as shown below.

All the details will be displayed in read only mode:

Field	Description
Name	This option displays the short name of the action
Target	This option displays the target for which the action will run.
Description	This option displays a short description related to the action. The description will also be displayed in bottom panel in right hand side panel.
Event	This option displays the event name after which the action will be executed
Condition	This option displays the condition when the expression will be executed.
Id	This option displays the unique identifier assigned to the action. This value will remain unaffected even when a new version of the application is created.

12.6.2 Removing

Visual Guard allows you to remove the created property/ script/ powerbuilder action.

Please Note: The powerbuilder action for permission will be available only if you select PowerBuilder Application.

To remove the property/ script action, follow the steps below:

Select the Repository > Application > Permission > Permission name > Property/Script/Powerbuilder Action from the Left Navigation Panel.
The details of the selected action will be displayed.

Access the Remove menu using any of the following options:
- Right click on the property/ script/ powerbuilder action and select the Remove menu (A) from the popup menu.

- Select the property/ script/ powerbuilder action from the Left Navigation Panel and select Remove menu from the Action menu (B).

- Select the property/script/powerbuilder action and press Delete key.
A Delete Confirmation screen will be displayed.

Click “Yes” to continue the deletion or click “No” to cancel the deletion.
The property / script / powerbuilder action will be removed from the list of permissions highlighted below.

12.6.3 Editing

You can edit existing script action by following the steps below:

Select the script action that needs to be modified using the path Repository > Application > Permission > Script Action

Access the Edit screen using one of the options below:
Select the script action from the Left Navigation Panel and select the Edit from the Action menu (A).
OR
Right click on the script action and select the Edit (B) menu from the popup menu.
The Security action creating wizard screen will be displayed as shown below.

You can modify the scripts for the associated event and update the Script action.
After editing the script action click “Finish” . The security action will be saved and displayed as shown below.

12.6.4 Checking

Visual Guard allows you to check security actions for the created permissions. With this you can check whether created actions for the permission are valid or not.

To check security actions follow the steps below:

Select the Repository > Application > Permissions > Permission name from the Left Navigation Panel.
The details of the selected permission will be displayed as shown below.

Access the Check security actions menu using any of the options below:
- Right click on the permission name and select the Check security actions menu (A) from the popup menu.

- Select the permission name from the Left Navigation Panel and select the Check security actions menu from the Action menu (B).
A message will be displayed stating whether the actions created for the permission are valid or not.
If the actions are valid, following screen will be displayed.

If the actions are not valid error message will be displayed in the Log view as shown below.

12.6.5 Duplicating

Visual Guard allows you to duplicate the created property/script action.

To duplicate the property / script action follow the steps below:

Select the Repository > Application > Permission > Permission name > Property/Script action from the Left Navigation Panel.
The details of the selected property/script action will be displayed.

Access the Duplicate menu using any of the following options:
- Right click on the property/script action and select the Duplicate menu item (A) from the popup menu.

- Select the property/script action from the Left Navigation Panel and select the Duplicate menu item from the Action menu (B).
The property/script action will be duplicated as shown below.

12.7 Property Actions for PowerBuilder

Powerbuilder Action allows you to define permission based on the object properties. The objects can be derived from form, master page, page etc.

Please Note: This option for permission will be available only for the PowerBuilder Application.

Follow the steps below to add Powerbuilder Action to the permission:

Select the Repository > Application > Permission and select the permission under which the properties action is to be created.

Access the New Powerbuilder Action using one of the options below:
Select the permission from the Left Navigation Panel and select the New Powerbuilder Action from the Action menu (A).

Right click on the permission and select the New Powerbuilder Action (B) menu from the popup menu.
The Powerbuilder Security action wizard screen will be displayed.

The screen will display the objects derived from the application in the target browser screen. (A)
By default the screen will display the list of all forms, pages, Master pages, classes etc. The secured components will be invisible to you. Secured types are those that are protected using VGISecurable interface.
You can expand and select any of the objects to set the security action as shown below.

You can modify the following details:

Field	Description
Calling Object	This option displays the name of the object which is asking to be secured and which contains the object(s) upon which the action must be carried out. It may be a non graphic object, datastore, or non-visual user object. The object name may be entered directly or by drag & drop from the target browser list or by selecting from the dropdown list by clicking “V”.
Calling ID	This option displays the ID to be used to trigger the action when the calling object perform the security. Its default value is “open”.
Target Object	This option displays the object(s) upon which the action must be performed.The object name may be entered directly or by drag & drop from the target browser list.If the target object is not filled in, the action will be performed on the calling object.
Action	This option displays the type of action to be performed on the target object. The value can be entered or selected from the dropdown list by clicking “V”.
Parameters	This option displays the parameters for the action. This option is used depending on the action is to be carried out. The parameters may be entered directly or by drag & drop from the target browser list.
Condition	This option displays the condition under which the action is to be carried out. The condition must be a valid datawindow expression. The condition may be entered directly or by drag & drop from the target browser list.
Tag	Indicates the type of action to be performed. The value can be entered or selected from list of possible actions.

After changing the desired properties, click “Validate” .The security action will be saved (B) and displayed as shown below.

12.7.1 Viewing Details

Visual Guard allows you to view the details summary of the action.

Please Note: This option for action will be available only for the PowerBuilder Application.

Follow the steps below to view action details.

Access the action using the path Repository> Application>Permission>Permission Name>Powerbuilder Action
The details will be displayed as shown below.

All the details will be displayed in read only mode:

Field	Description
Name	This option displays the short name of the action.
Description	This option displays a short description related to the action. The description will also be displayed in bottom panel in right hand side panel.
Target	This option displays the target for which the action will run.
Event	This option displays the event name after which the action will be executed.
Condition	This option displays the condition when the expression will be executed.
Id	This option displays the unique identifier assigned to the action. This value will remain unaffected even when a new version of the application is created.

12.7.2 Removing

Visual Guard allows you to remove the created property/ script/ powerbuilder action.

Please Note: The powerbuilder action for permission will be available only if you select PowerBuilder Application.

To remove the property/ script action, follow the steps below:

Select the Repository > Application > Permission > Permission name > Property/Script/Powerbuilder Action from the Left Navigation Panel.
The details of the selected action will be displayed.

Access the Remove menu using any of the following options:
- Right click on the property/ script/ powerbuilder action and select the Remove menu (A) from the popup menu.

- Select the property/ script/ powerbuilder action from the Left Navigation Panel and select Remove menu from the Action menu (B).

- Select the property/script/powerbuilder action and press Delete key.
A Delete Confirmation screen will be displayed.

Click “Yes” to continue the deletion or click “No” to cancel the deletion.
The property / script / powerbuilder action will be removed from the list of permissions highlighted below.

12.7.3 Editing

Please Note: The powerbuilder action for permission will be available only if you select PowerBuilder Application.

You can edit existing powerbuilder action by following the steps below:

Select the powerbuilder action that needs to be modified using the path Repository > Application > Permission > Script Action

Access the Edit screen using one of the options below:
- Select the powerbuilder action from the Left Navigation Panel and select the Edit Action from the Action menu (A).

- Right click on the powerbuilder action and select the Edit Action (B) menu from the popup menu.
The Security action creating wizard screen will be displayed as shown below.

You can modify the details and update the Powerbuilder action.
After editing the powerbuilder action click “Validate” . The security action will be saved and displayed as shown below.

12.8 Create

Visual Guard allows you to create new permission for restricting user or allowing them access.
Note: You will be allowed to create the permissions only if you have been assigned the privilege. Refer special roles section for more details on privilege.

Follow the steps below to create a permission:

Access the New Permission using one of the options below:
- Right click on the Repository > Application > Permissions and select the New Permission menu (A).

- Right click on the Repository > Application (B) and select the New Permission menu.

- Select the Repository > Application from the Left Navigation Panel and select New Permission menu from the Action menu (C ).
The new permission will be created under the Permissions folder as shown below:

As the new permission is created, it will be in editable mode for renaming (A). You can rename the new permission.
The renamed permission will be displayed as shown below:

See Also:

12.9 Renaming

Visual Guard allows you to rename the permission.

To rename the permission, follow the steps below:

Select the Repository > Application name > Permissions > Permission name from the Left Navigation Panel.

The detail of the selected permission name will be displayed.

You can access the Rename menu using any of the following options:
- Right click on the permission name and select the Rename menu (A) from the popup menu.

- Select the permission name from the Left Navigation Panel and select Rename menu from the Action menu (B).

- Select the permission name from the Right Navigation Panel (C).

- Select the permission name and press F2.
Enter the permission name. The permission name should be unique.
Once you update the name, the updated details will be displayed as shown below.

13. Settings

The Visual Guard repository is a security database where you will store all the security information related to your applications (user accounts, groups, permissions, roles, applications secured…)

It is composed of tables and can be stored in SQL Server or Oracle database. Under 200 user accounts, it can also be stored in files.

Using Visual Guard you can perform following actions on:

13.1 User Profile Attributes

Visual Guard allows you to view and edit all the User Profile Attributes defined in the system.
Note: However you will be not be able to edit and delete the inbuilt User Profile Attributes of the system.

To access the list of User Profile Attributes defined in the repository follow the steps below:

Step 1: Log in to the Repository.

Step 2: From the Settings select the User Profile Attribute Details ‘A’ .

‘B’: On clicking on the Up arrow, the row moves up the selected column’s view order towards the beginning of the column’s collection and clicking on the Down arrow, the row moves down the selected column’s view order towards the end of the column’s collection

Step 3: How to add a new User, Click on the Add New Profile Attribute on the right bottom ‘C’

Step 4: Create Mapping for profile attribute ‘D’

Here you can establish a relationship between attributes from different user profiles or entities within a user management system. This mapping enables the synchronization or alignment of attribute values across various profiles or entities, ensuring consistency and coherence in data management and user access control.

Below are the description of the feilds available for your quick reference

	Primary Information
	Property Name	Identifier for a specific attribute or characteristic of an entity.
	Display Name	Human-readable label used to represent a property or attribute.
	Data Type Value	Specification defining the type of data stored in a property or attribute.
	Description	Brief explanation or summary providing additional context or details.
	VGAttribute Information Type	Category of information associated with attributes within Visual Guard, aiding in organizing and managing attribute data effectively.
	Is Default Value Enabled	Initial value assigned to an attribute
	Default Value
	Other Information
	Attribute Group Name	Categorization label for grouping related attributes together.
	Is Visible	Indicator specifying whether an attribute is visible or hidden in the user interface.
	Is Required	Flag indicating whether an attribute must be populated with data
	Is Search Allowed	Permission setting determining whether an attribute can be used for searching or filtering.
	Is ReadOnly for API	Setting determining whether an attribute can be modified via an API
	IS ReadOnly for UI	Setting determining whether an attribute is editable in the user interface.
	Need to save in Log	Specification indicating whether changes to an attribute should be logged for auditing purposes.

You can perform the following actions in the User Profile Attributes section:

- Creating
- Mapping
- Editing
- Sorting
- Deleting
Refresh Profile Attributes: This option allows you to refresh all the Profile Attributes. Clicking on “refresh profile attributes” will refresh and load the latest Profile Attributes.

See Also: missing links

Viewing Repository Details
Viewing Repository Module Details
Viewing Application Details
Viewing Web Portal Details
Viewing ADFS Server Details

13.1.1 Creating

Visual Guard allows you to Add New User Profile Attributes in the system.

Follow the steps below to create a New User Profile Attribute:

Login to the Repository.
From the Settings item, select the User Profile Attribute Details as shown in the below screen.

Click “Add New Profile Attribute” in the above screen, to create a New User Profile Attribute.
New User Profile Attribute screen will be displayed as shown below.

The following details need to be entered here:

Field	Description
Primary Information
Property Name	This option displays the name of the Attribute. This is a mandatory field.
Display Name	This option shows the display name of the Attribute. This is a mandatory field.
Datatype Value	This option displays the value of the Data Type. This is a mandatory field.
VGAttribuite Information Type	This option displays some of the default Attributes provided in the system to Map with. Click here to know show to manage Attribute Mapping.
Default Value	This option displays the default Value of the Attribute.
Max Length	This option displays the maximum length of the Attribute Name. Default Value for this field is set to 50 characters.Note: Once you set a maximum length, you will not be allowed to decrease it while editing. However you may increase it.
Description	This option displays the description of the Attribute.
Other Information
Attribute Group Name	This option displays the Group Name of the defined Profile Attribute.If Group Name does not exist, you can create it also by specifying that new group name here and it will be created and will be available next time for the selection
Is Read Only	This option displays whether the Attribute is read only or not.
Is Visible	This option displays the visibility of the Attribute.
Is Required	This option displays whether it is a mandatory Attribute or not.
Is Search Allowed	This option displays whether the Attribute is searchable or not.
Validation Expression	This option displays the input format which a user needs to enter.

Please Note:
For a particular Module Type, few attributes will be default mapped like First Name & Last Name. Their Values will be default displayed in the User Attributes as mentioned in the User Details tab of the user but only after the user account is successfully authenticated by Visual Guard i.e. user has successfully logged in the Visual Guard at least once.

See Also:

- Mapping
- Editing
- Sorting
- Deleting

13.1.2 Mapping

Visual Guard allows you to Map attributes of the modules with the User Profile Attributes defined in the system.

Follow the steps below to create Attribute Mapping.

Login to the Repository.
From the Settings item, select the User Profile Attribute Details as shown in the below screen.

Select the User Profile Attribute for which you want to create the mapping.
Click “Create Mapping For Profiles Attribute” in the above screen, to create a New User Profile Attribute.
Attributes mapping screen for the selected Attribute will be displayed as shown below.

You need to select a Module from the list of Modules, in the above screen.
Based on the Module selected, list of corresponding Attributes will be available. You can select the attribute, with which you want to create the mapping.

Note: ModuleId and ModuleName should be identical to the previous versions of the module.

Click “Ok” to save the Mapping or click “Cancel” to cancel the operation.
When you choose to save the mapping, a confirmation screen will be displayed as shown below.

Note: Mapping of User Profile Attributes for any user, will synchronise after the user is successfully authenticated by the system. Also, Mapping can be done with the field of similar Data Type

See Also:

13.1.3 Editing

Visual Guard allows you to edit any User Profile Attribute.
Note: However you will be not be able to edit the inbuilt User Profile Attributes of the system.

Follow the steps below to edit a User Profile Attribute:

Login to the Repository.
From the Settings item, select the User Profile Attribute Details as shown in the below screen.

Note: Default user profile attributes like first name, last name cannot be edited or deleted.

In the above screen, click on the icon of the User Profile Attribute which you want to edit.
The User Profile Attribute form will be displayed in Edit mode as shown below.

As shown in the above screen, you will not be able to edit the following fields:
- Attribute Name
- Data Type
- VG Attribute Information Type
- You will not be allowed to decrease the value of Max Length of the Attribute configured earlier.

See Also :

13.1.4 Sorting

Visual Guard allows you to change the order of all the User Profile Attributes defined in the system.

Follow the steps below to create a New User Profile Attribute:

Login to the Repository.
From the Settings item, select the User Profile Attribute Details as shown in the below screen.

You can use arrow buttons provided in front of each Profile Attribute to change the Order of the Attributes, as shown in the above screen.
Click to move the Attribute Up (B).
Click to move the Attribute Down (C).
The changed order of the User Profile Attributes will be displayed in the User Profile Details Tab in the User Details Screen.

See Also:

13.1.5 Deleting

Visual Guard allows you to delete any User Profile Attribute.
Note: However you will be not be able to delete the inbuilt User Profile Attributes of the system.

Follow the steps below to edit a User Profile Attribute:

Login to the Repository.
From the Settings item, select the User Profile Attribute Details as shown in the below screen.

Note: Default user profile attributes like first name, last name cannot be edited or deleted.

In the above screen, click icon in front of the User Profile Attribute which you want to delete (B).
The User Profile Attribute form will be displayed in edit mode as shown below.

See Also:

13.2 Group Profile Attributes

To access the list of Group Profile Attributes defined in the repository follow the steps below:

Step 1: Log in to the Repository.

Step 2: From the Settings select the Group Profile Attribute Details ‘A’ .

‘B’: On clicking on the Up arrow, the row moves up the selected column’s view order towards the beginning of the column’s collection and clicking on the Down arrow, the row moves down the selected column’s view order towards the end of the column’s collection

Step 3: How to add a new Group, Click on the Add New Profile Attribute on the right bottom ‘C’

Below are the description of the feilds available for your quick reference

	Primary Information
	Property Name	Identifier for a specific attribute or characteristic of an entity.
	Display Name	Human-readable label used to represent a property or attribute.
	Data Type Value	Specification defining the type of data stored in a property or attribute.
	Description	Brief explanation or summary providing additional context or details.
	Other Information
	Attribute Group Name	Categorization label for grouping related attributes together.
	Is Visible	Indicator specifying whether an attribute is visible or hidden in the user interface.
	Is Required	Flag indicating whether an attribute must be populated with data
	Is Search Allowed	Permission setting determining whether an attribute can be used for searching or filtering.
	Is ReadOnly for API	Setting determining whether an attribute can be modified via an API
	IS ReadOnly for UI	Setting determining whether an attribute is editable in the user interface.
	Need to save in Log	Specification indicating whether changes to an attribute should be logged for auditing purposes.

Following options will also be available:
- Creating
- Editing
- Sorting
- Deleting

13.3 Role Profile Attributes

To access the list of Role Profile Attributes defined in the repository follow the steps below:

Step 1: Log in to the Repository.

Step 2: From the Settings select the Role Profile Attribute Details ‘A’

‘B’: On clicking on the Up arrow, the row moves up the selected column’s view order towards the beginning of the column’s collection and clicking on the Down arrow, the row moves down the selected column’s view order towards the end of the column’s collection

Step 3: How to add a new Role, Click on the Add New Profile Attribute on the right bottom ‘C’

Below are the description of the feilds available for your quick reference

	Primary Information
	Property Name	Identifier for a specific attribute or characteristic of an entity.
	Display Name	Human-readable label used to represent a property or attribute.
	Data Type Value	Specification defining the type of data stored in a property or attribute.
	Description	Brief explanation or summary providing additional context or details.
	Other Information
	Attribute Group Name	Categorization label for grouping related attributes together.
	Is Visible	Indicator specifying whether an attribute is visible or hidden in the user interface.
	Is Required	Flag indicating whether an attribute must be populated with data
	Is Search Allowed	Permission setting determining whether an attribute can be used for searching or filtering.
	Is ReadOnly for API	Setting determining whether an attribute can be modified via an API
	IS ReadOnly for UI	Setting determining whether an attribute is editable in the user interface.
	Need to save in Log	Specification indicating whether changes to an attribute should be logged for auditing purposes.

Following options will also be available:
- Creating
- Editing
- Sorting
- Deleting

13.4 Modules

Visual Guard allows you to view all the modules in the system.

Now you can also add Custom Modules to the system. For this you need to have a license key for the repository.

You can perform the following actions in the Modules section:

Refresh Modules: This option allows you to refresh the contents of the Modules section. Clicking on “Refresh modules” will refresh and load the latest contents of the selected Module.

To view the list of modules integrated in the repository follow the steps below:

Log in to the Repository.
Click on the “+” besides the Repository Name to view the list of items of the repository.
From the Settings select the Modules .

The list of Modules will be displayed as shown below:

The following details will be displayed:

Field	Description
Repository Name and Path
Module Name	This option displays the name of the Module
Version	This option displays the version of the Module
Description	This option displays the description of the Module
Module Type	This option displays the category of the Module. Note: As of now only Identity Modules are supported in the system.
Module Target	This option displays the namespace of the Module

Following options will also be available:

13.4.1 Adding

Visual Guard 2017 allows you to add custom modules in the system.

Follow the steps below to create a new Module:

Login to the Repository.
Click on the Modules tab (A), as shown in the below screen.

You can access the Add Custom Module option through the following ways.
- Right click on the repository name and select the Add Custom Module menu item from the Repository context menu. (A)

- Select Add Custom Module menu item from Action Menu. (B)

- Click on the Add Custom Module button at the bottom of the Right Navigation Panel. (C)
Add Custom Module Popup will be displayed as shown below. You need to provide the path of the dll file here.

You can directly paste the path of the dll file or Browse the file by clicking on the “…” button.
After entering the assembly path click “OK” to add the dll file.
Click “Cancel” to cancel the operation.
You will be provided with configuration screen of the Module added allowing you to view and modifying the details

If required, you can validate the credentials. Click “OK” to continue.

The new module will be added to the list of Modules, as shown in the above screen.

See Also:

13.4.2 Configuring

Visual Guard allows you to view and change the details of the Custom modules added in the system.

Note: This option will be available only for the Custom created modules.

Follow the steps below to access the details of the Module:

Select any module in the Module section as highlighted in the below screen.

Clicking “Configure module” in the above screen, the Configure Modules’ Properties screen will be displayed as shown below.

See Also: missing links

13.4.3 Upgrading

After adding the new module in the system. Visual Guard 2017 allows you to Upgrade the version of custom module.

Note: This option will be available only for the Custom created modules.

Follow the steps below to create a new Module:

Click on the new module in the Module section as highlighted in the below screen.

Click “Upgrade Module” in the above screen, to change the version of your Custom module.

Note:

- You can only upgrade to a higher version of the module from the existing version of the module in the system.
- While upgrading your module by uploading the new dll file, make sure ModuleID and ModuleName does not change.
Add Custom Module Popup will be displayed as shown below. You need to provide the path of the dll file here.

You can directly paste the path of the dll file or browse the file by clicking on “…” button.
Click “Cancel” to cancel upgrade of the module.
After entering the assembly path click “OK” to add the dll file. You will be asked for confirmation if the attributes of the module are already been mapped.

Click on to continue upgrade.
The new upgraded module will be added to the list of Modules.

See Also:

13.4.4 Deleting

Visual Guard allows you to delete the Custom modules added in the system.

Note: This option will be available only for the Custom created modules.

Follow the steps below to delete a Module:

Select any module in the Module section as highlighted in the below screen.

Click “Delete” in the above screen.
You will be asked for confirmation, as shown in the below Screen.

Click “Yes” to delete the module or click “No” to Cancel the deletion.
The module will be removed from the list of modules.

See Also:

13.4.5 View Module Features

Visual Guard allows you to View all Features which are allowed within a module.

Follow the steps below to map attributes:

To select a module click on the row of the module as highlighted in the below screen.

Click “View Features” in the above screen.
Screen showing the list of all features will be displayed with the features as selected which are allowed within the selected module.

See Also: missing links

13.4.6 View Module Attributes

Visual Guard allows you to View all default attributes of the selected module.

Follow the steps below to map attributes:

To select a module click on the row of the module as highlighted in the below screen.

Click “View attributes” in the above screen.
Screen showing the list of default attributes of the selected module.

See Also:

13.4.7 Mapping Module Attributes

Visual Guard allows you to Map attributes of the modules with the User Profile Attributes defined in the system.

Please Note: For a particular Module Type, few attributes will be default mapped like First Name & Last Name. Their Values will be default displayed in the User Attributes as mentioned in the User Details tab of the user but only after the user account is successfully authenticated by Visual Guard i.e. user has successfully logged in the Visual Guard at least once.

Follow the steps below to map attributes:

To select a module click on the row of the module as highlighted in the below screen.

Click “Map Attributes” in the above screen.
Attributes mapping screen will be displayed as shown below.

You can perform the following actions on the Attributes Mapping screen, as shown in the above screen.

Click “Create Mapping For Module Attributes” to create a new mapping between the attributes of the selected custom module and the attributes of the system modules.

Note:

The selected module’s attributes will be listed on the left hand side of the Window. User Profile attributes defined in the system modules will be listed on the right hand side of the window.
An Attribute can be mapped with the Attribute of same data type i.e. Attribute of Integer type can be mapped with Attribute of Integer type only
An Attribute which is already mapped with one Attribute cannot be mapped again with another Attribute.
To save the mapping, click “Ok” in the above screen and a confirmation screen will be displayed as shown below.
Click “Cancel” to cancel the operation and exit.

2. You can delete the selected attribute mapping by clicking on “Delete Mapping“. You will be asked for confirmation before deleting the mapping, as shown in the below screen.

- Click “Yes” to delete the attribute mapping or click “No” to cancel the operation.

3. To close the Attributes mapping screen click “Ok”.

See Also:

13.5 Encryption

This feature allows to apply encryption on the communication and storage details of the repository. Follow the below steps…

Log in to the Repository.
Click on the + besides the Repository Name to view the list of items of the repository.
From the Settings select the Encryption .

Select the option Communication Details to encrypt the data transferred between VG Runtime and VG Server OR
Select Storage/Data Encryption to encrypt the storage data from Database and File Storage.
Encryption Algorithms provides us with two options of 128 bits and 256 bits amongst which any option can be selected.
Encryption Key of 16 characters can manually be entered by the user or can automatically be generated and if the criteria is not met validation error is displayed.

Click on Create Encryption to complete Step 1. Below screen will be displayed after the completion of Step 1.

Select the location of the where you need to save your backup file.

Clicking on Create Backup will display the below screen.

Click on Activate Encryption in Step 3 to get a confirmation screen as shown below.

The confirmation Activation will lead to the following screen.

Click on OK for final activation

See Also:

13.6 Configure SMTP

Managing, testing and configuring SMTP is possible through Visual Guard, to do so, follow the steps below:
Log in to the Repository.
Click on the + besides the Repository Name to view the list of items of the repository.
From the Settings select the Configure SMTP .

Fill in the details to test and configure SMTP as shown in the below screen:

Clicking on Test Connection will show the below screen, if the connection is successful else unsuccessful connection message will be displayed.

See Also:

13.7 Domains

Managing different domains is possible with the help of Visual Guard, to do so, follow the steps below:
Log in to the Repository.
Click on the + besides the Repository Name to view the list of items of the repository.
From the Settings select the Domains.

See Also:

13.8 Web Portal

Web Portal allows you to use a single sign on system for multiple applications associated with the repository.

To view the web portal details associated with the repository follow the steps below:

Log in to the Repository.
Click on the Repository Name to view the Web Portal Details.
Select the Web Portal Tab (A).

The following details will be displayed:

Field	Description
Web Portal Details
Id	This option displays the web portal id
Name	This option displays the name of the web portal
URL	This option displays the URL of the web Portal

See Also:

13.9 Miscellaneous

With minimal effort, Master Administrators can manage user impersonation for both Identity Server and workflow, streamlining administration tasks. This feature allows to set a user account which will be used for internal administrative activities behind the scene while operating identity server and workflow

Open Visual Guard Winconsole –> Go to settings –> Miscellaneous –> Configure Impersonated user for Identity Server or Workflow

Step 1: Select the Identity Server Impersonated User via the Change Identity Server User icon

Step 2:Choose the user you would like to assign as impersonated user, and click on Change IdentityServer Impersonated user icon.

Step 3: You will get a notification to restart Identity Server for the update to reflect, click Ok.

OR

Step 1: Select the Workflow Impersonated User via the Change Workflow User icon

Step 2: Choose the user you would like to assign as impersonated user, and click on Change Workflow Impersonated user icon.

Step 3: You will get a notification to restart Webconsole for the update to reflect, click Ok.

Below is the description of the feilds available for your quick reference

Identity Server Impersonated User	Refers to a user account which will be used for internal administrative activities behind the scene while operating identity server.
Workflow Impersonated User	Refers to a user account which will be used for internal administrative activities behind the scene while operating workflow.

14. Advanced

14.1 Audit Permission

Visual Guard allows to grant an infinite number of permissions for different types of entities: users, groups or roles.

This page explains how to investigate the permissions granted to a certain role (A).

The permissions are listed according to the selected entity, grouped by application.
This helps to review all the permissions granted to this entity
When clicking on an application, the permissions granted for this application are listed (B).

14.2 Deployment

14.2.1 Via a Configuration File

Visual Guard allows you to deploy the repository in a configuration file.

To deploy the repository in a configuration file, follow the steps below:

Open the Repository Deployment Wizard screen. Click here (missing link) for more information.

Select the Export data in a deployment configuration file option (A).
Click “Next >” to proceed. The screen below will be displayed.

Visual Guard provides you with following deployment option. Select any one of the options from the above screen: (Missing links)
- Deploy an application
- Deploy the repository
- Deploy parameters of the repository

14.2.2 Directly to another Repository

Visual Guard allows you directly deploy repository into another repository.

To deploy the repository directly into another repository, follow the steps below:

Open the Repository Deployment Wizard screen. Click here (missing link) for more information.

Select the Deploy in an existing repository option (A).
The highlighted section (B) will be enabled.
Select any one of the repository from the section (B) in which you want to deploy the repository.
Click “Next >” to proceed.
A Repository Deployment Wizard message will be displayed as shown below.

Click “YES” to login into the repository.
Please Note: You can login into the repository only if you have the rights of master administrator.
Once you click “Yes” the login screen will be displayed as shown below.

Enter the username and password and click “OK” to proceed or click “Cancel” to cancel the login.
Click “Yes” to proceed to the next step.

Visual Guard provides you with following deployment option. Select any one of the options from the above screen: (missing links)
- Deploy an application into repository
- Deploy the repository into another repository
- Deploy parameters of the repository

14.3 Audit Permission Coming from

Visual Guard allows to grant an infinite number of different permissions for different types of subgroups.

When you Audit the permissions of a user or a group (role/ permission set), you can seek from where the permissions has been given by clicking on the icon under the « coming from » title (A).

After clicking on coming from, a page will open with the details of the permissions and to see from where it is granted you can click on the eye icon (B).

15. Others

15.1 Selecting Dates

To select the Date from the date picker follow the steps below:

Click “V” besides the date field, the calendar would be displayed as shown below:

By default, the Current date will be selected. User can change the month /date / year.
To select the date simply click on the date you want to specify.
User can also change the month directly by clicking on the month name. List of all the months will be displayed, as shown below.

Once a month is selected from the list, it will be displayed in the calendar.

The user can increase or decrease the year by directly clicking on the year.
On clicking on Today, the current date will be selected.

1. Introduction

1.1 Visual Guard Console UI

1.2 Installation Guide

System requirements

Installation

2. Repository

2.1 ﻿﻿Connect to a Repository

2.2 Create a new Repository

2.2.1 Create a new Repository (File system)

2.2.2 Create a new Repository (SQL Server)

2.2.3 Create a new Repository (Oracle)

2.3 Add an Existing Repository

2.3.1 Add an Existing Repository (File system)

2.3.2 Add an Existing Repository (SQL Server).

2.3.3 Add an Existing Repository (Oracle)

2.3.4 Add an Existing Repository (VG Server)

2.4 View Repository Information

2.5 View Applications details

2.6 Event Viewer

2.7 Generate Documentation

2.8 Edit Password Policy

2.9 Global MFA Policy

2.10 Deploy & Import Repository

Option 2:

Option 3:

Import Deployment Configuration Files

2.11 Rename Repository

2.12 Maintenance

2.13 Disconnect from a Repository

2.14 Remove Repository

2.15 Delete from Repository list

3. License Key

3.1 License Key - WinConsole

3.2 Downloading

3.3 Cancelling a Request

4. MultiFactor Authentication (MFA) Enrollment

Modes of Authentication

4.1 Via Email Address

4.2 Via Phone Number

4.3 Via Microsoft Authenticator

5. Monitoring

Overview

Choosing the Scope of Supervision

Selecting Specific Events

Time-Based Monitoring

Event History

Key Features of Monitoring

Utilizing Monitoring

Considerations and Best Practices

5.1 Attendance hours

Overview

Event Aggregation and Filtering

Considerations and Best Practices

Viewing Individual Events

5.2 Historical Data

Chart Type: Hourly

Chart Type: Daily

Chart Type: Monthly

5.3 Real time

6. Groups

6.1 Manage Groups

6.2 Search and Select Goups

Filter the list of Groups

Select/De-select a Group

Select Group(s)

– DE-SELECT GROUP(S)

– ASSIGN USERS TO GROUPS

EDIT ROLE

Refresh Page

6.3 Create a Sub-Group

6.4 Group

6.5 Edit Group

6.5.1 Edit Group Properties

6.5.2 Edit Profile of a Group

6.5.3 Edit the Roles Granted to a Group

6.5.4 Edit the Users Assigned to a Group

6.6 Rename a Group

6.7 Remove a Group

7. Shared Roles

7.1 Duplicate

2.1 Connect to a Repository