Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Advanced Login for Windows User Guide

1 Overview 2 Logging on to Windows 3 Locking/Unlocking Your Windows Session 4 Switching Users Without Logging Off Windows (Fast User Switching) 5 Displaying Session Information (Windows XP/2003 only) 6 Shutting Down Your Workstation (Windows XP/2003 only) 7 Managing Your Password or PIN 8 Managing the Unblocking of Your Smart Card 9 Managing Your Windows Session Accounts 10 Managing Primary Accounts on Your Smart Card 11 Renewing your Smart Card Certificate(s) 12 Managing a Cluster from Your Workstation 13 Managing Session Delegation 14 Deleting Your Roaming Session 15 Logging on as an Administrator on a User Session Appendix A: Advanced Login Registry Keys Appendix B: Integrating Quest ESSO with Prim'X Cryhod

A.5 Roaming Session

Quest ESSO client
0 (default): the roaming session is opened with any authentication method (RFID token or smart card).
Quest ESSO Controller
To manage roaming sessions, it is recommended in some complex architecture to force controllers to connect to the same LDAP server (to avoid problems of replication delay between LDAP servers used by the controllers). In such a case, this registry key allows you to configure the LDAP servers list by order of priority.
AD: HKEY_LOCAL_MACHINE\Software\[Policies\]Enatel\WiseGuard\FrameWork\Directory
Quest ESSO client
0 (default): a password is asked when authenticating with an RFID badge.
Quest ESSO client
0 (default): the roaming session is created with any authentication method (smart card or RFID token).

A.6 Smart Card

Quest ESSO client
0 (default): not configured (=lock).
Quest ESSO client

A.7 User Access

Quest ESSO client
The users who are members of the local "administrators" group can bypass the Advanced Login login window even if they cannot create the SSOWatch keys/objects:
Quest ESSO client
Quest ESSO client
Display/Hide the Open the session over a modem connection option.
0 (default): option displayed.
Quest ESSO client
Quest ESSO client
0 (default): at user authentication, Advanced Login opens a standard Windows session, and then gets the user credentials (stored in the QUEST ESSO directory) to start the SSO engine with them.
1: at user authentication, Advanced Login first tries to authenticate with the given credentials against the QUEST ESSO directory:
Quest ESSO client

Appendix B: Integrating Quest ESSO with Prim'X Cryhod

Quest ESSO supports integration with Cryhod on Microsoft Windows 7 and Microsoft Windows 2008 systems only.
The integration consists of an automatic passing of a Smart Card PIN from Cryhod to Quest ESSO. This allows the user to perform Cryhod and Quest ESSO Smart Card authentication while only entering the PIN once.
The PIN-passing function is implemented in a Windows DLL which is provided by Quest ESSO and used by the Cryhod Encryption Service according to Cryhod configuration parameters.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating