Tanium 6.x: Disable remember login

 

 

Introduction

For convenience, the Tanium Console can cache console users' credentials so that operators are not required to re-enter their passwords when logging back into the console. For some organizations, this behavior is not desirable. An Administrator can disable the "Remember Login" feature.

To disable Console Users from being able to select the option "Remember Login" when authenticating to the Tanium Console use the following steps.

These settings are not stored in the database, but rather are stored in the registry of the Tanium server in the ConsoleSettingsJSON registry entry pointing to the configuration file used. It may take a minute for configuration to be updated and for the setting to take affect.

Note: Do not adjust any other Global Settings unless directed explicitly by Tanium Support or an applicable article on this site. The global variables in 6.5 and 6.2 are different. Be sure to add the proper variable and settings carefully.

Adding the Global Setting for Tanium versions 6.2

1. Log in to the Tanium Console as an Administrator.

2. Navigate to Administration > Global Settings.

3. Click the link "Add New Setting" located in the upper right corner of the Global Settings tab.

4. Enter the following values for the designated parameters:

    a. Setting Name: prohibit_saved_login
    b. Setting Value: 1
    c. Value Type: Numeric
    d. Affects: Server
    e. Setting Note: Enter the date, your UserID, and a description to document the reason for adding the setting

5. Press Save.

Adding the Global Setting for Tanium versions 6.5

1. Log in to the Tanium Console as an Administrator.

2. Navigate to Administration > Global Settings.

3. Click the link "Add New Setting" located in the upper right corner of the Global Settings tab.

4. Enter the following values for the designated parameters:

    a. Setting Name: console_prohibitSavedLogin
    b. Setting Value: 1
    c. Value Type: Numeric
    d. Affects: Server
    e. Setting Note: Enter the date, your UserID, and a description to document the reason for adding the setting

5. Press Save.

Test Setting

Log out of the Tanium Console and examine the Login Screen. If the setting was entered correctly, notice that the check box to save a login has disappeared.

Conclusion

In some organizations, Information Security may direct that logins must not be saved. This setting allows the Tanium Console to comply with that specific security policy.

Have more questions? Submit a request