Description When configuring Enterprise Manager (EM) to authenticate users through Okta using OAuth2/OIDC, login may fail even though the Okta sign-in sequence itself completes successfully. Be Aware: Enterprise Manager logs may show the following warnings or errors: – WARNING backend.py:227 No group associations found for OAuth user. – ERROR token_handler.py:313 Failed to decode token. … Continue reading Enterprise Manager Oauth login fails due to Missing Groups Claim in Access Token using Okta
Category: exacqVision Enterprise
Enterprise Manager OAuth Login Fails When Behind Reverse Proxy Due to Missing SECURE_PROXY_SSL_HEADER and CSRF_TRUSTED_ORIGINS
Description Enterprise Manager OAuth Login Fails When Behind Reverse Proxy Due to Missing SECURE_PROXY_SSL_HEADER and CSRF_TRUSTED_ORIGINS Product Enterprise Manager version 26 thru latest versions Summary When Enterprise Manager is deployed behind a reverse proxy that terminates HTTPS, authentication may fail during the OAuth2/OIDC login callback. This happens even when Okta configuration is correct. Enterprise Manager… Continue reading Enterprise Manager OAuth Login Fails When Behind Reverse Proxy Due to Missing SECURE_PROXY_SSL_HEADER and CSRF_TRUSTED_ORIGINS
Configuring DjangoSecure SSL Header for Enterprise Manager – Linux
Enterprise Manager versions 25 through the latest releases support Django’s SECURE_PROXY_SSL_HEADER setting, which allows administrators to define an HTTP header/value pair that tells Django a request is secure. This may be required in environments using:OAuth‑based authenticationReverse proxies or load balancersWildcard SSL certificatesTLS termination prior to Enterprise Manager By default, Enterprise Manager does not enable this… Continue reading Configuring DjangoSecure SSL Header for Enterprise Manager – Linux
Configuring DjangoSecure SSL Header for Enterprise Manager – Windows
Enterprise Manager versions 25 through the latest releases support Django’s SECURE_PROXY_SSL_HEADER setting, which allows administrators to define an HTTP header/value pair that tells Django a request is secure. This may be required in environments using:OAuth‑based authenticationReverse proxies or load balancersWildcard SSL certificatesTLS termination prior to Enterprise Manager By default, Enterprise Manager does not enable this… Continue reading Configuring DjangoSecure SSL Header for Enterprise Manager – Windows
Configuring Django CSRF_TRUSTED_ORIGINS for use with Enterprise Manager – Linux
The Django CSRF_TRUSTED_ORIGINS setting provides a mechanism for configuring a list of trusted origins for unsafe HTTP requests for Linux Enterprise Manager host servers. The list is empty by default. This is configured by setting up a Linux SYSTEM Environment variable. When configured, Enterprise Manager will initialize the configured list on startup. This may be… Continue reading Configuring Django CSRF_TRUSTED_ORIGINS for use with Enterprise Manager – Linux
Configuring Django CSRF_TRUSTED_ORIGINS for use with Enterprise Manager – Windows
The Django CSRF_TRUSTED_ORIGINS setting provides a mechanism for configuring a list of trusted origins for unsafe HTTP requests for Windows Enterprise Manager server hosts. The list is empty by default. This is configured by setting up a Windows or Linux SYSTEM Environment variable. When configured, Enterprise Manager will initialize the configured list on startup. In… Continue reading Configuring Django CSRF_TRUSTED_ORIGINS for use with Enterprise Manager – Windows
Enterprise Manager Best Practise Guide for running Upgrade.
Warning: Level 2 Document – Please do not distribute. Below you will find a quick bullet point list of general best practices when running an EM upgrade from the EM host with the installer package.
Configuring Exacq Enterprise Manager (EM) for Active Directory (LDAP/LDAPS) and Global Catalog
Warning: Level 2 – Please do not distribute. Audience: Level 2 Support Applies to: Exacq Enterprise Manager (EM), AD Integration, Multi-domain Forests 1. Overview This KB describes how to configure Exacq Enterprise Manager (EM) to authenticate against Active Directory. It includes LDAP field requirements, recommended filters, and how to enable forest-wide authentication with the Global… Continue reading Configuring Exacq Enterprise Manager (EM) for Active Directory (LDAP/LDAPS) and Global Catalog
Missing HSTS Header in ExacqVision Enterprise Manager Versions 24.12–25.1.11.0 could trigger security scans
Description Some security scanning tools may report that the ExacqVision Enterprise Manager (EM) web interface is missing the HTTP Strict Transport Security (HSTS) header when running EM versions 24.12 through 25.1.11.0.This does not affect system operation, but it may appear as a security compliance finding. Product Cause Certain versions of Enterprise Manager did not include… Continue reading Missing HSTS Header in ExacqVision Enterprise Manager Versions 24.12–25.1.11.0 could trigger security scans
EM Last Roll Off Red Banner
Description In Enterprise Manager (EM) versions before version 24, when using Microsoft SQL Server, data roll‑off may stop if a deleted user is still referenced inside a rule. Product Steps to Reproduce Expected Results Actual Results IntegrityError: (‘23000’, ‘[23000] [Microsoft][ODBC Driver 17 for SQL Server][SQL Server] The DELETE statement conflicted with the REFERENCE constraint “rules_actionuser_slug_user_slug_id_db52cb8b_fk_organization_enterpriseuser_id”.… Continue reading EM Last Roll Off Red Banner