Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Installation Guide

1. Overview 2. Preparing the Storage of Security Data in the LDAP Directory
2.1 Active Directory 2.2 Active Directory + ADAM or AD LDS 2.3 OpenLDAP 2.4 Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server 2.5 Novell eDirectory 2.6 IBM Tivoli Directory Server 2.7 Deploying a Workstation LDAP User Account
3 Installing Quest ESSO Controllers and Audit Databases 4 Installing and Configuring the Software Modules on the Workstations 5 Enabling the Self Service Password Request (SSPR) Capability 6. Enabling OTP Authentication 7 Enabling the Group Membership Modification Feature 8 Centralizing Parameters Using Group Policy Objects (GPO) 9 Installing Quest ESSO MSI Packages in Silent Mode Appendix A: Advanced Configuration: Audit Appendix B: Activating Traces Appendix C: Retrieving the Serial Number on a MiFARE RFID Badge

2.4.2.2 Cooperative Storage Mode

In this mode, Quest ESSO data is stored in a dedicated naming context. The ACLs are set on this naming context.
If you want to authenticate in Quest ESSO as an administrator, you must create a user or a group of users and give it administration rights in the directory.
1.
In the Quest ESSO installation package, open the TOOLS\ESSODirectory\WGDirectoryServer\wiseguard-ACL-cooperativemode-extmgr.ldif file in a text editor and perform the following modifications:
Replace ##SUFFIX## with the Distinguished Name of the dedicated naming context.
Replace ##AUTHSUFFIX## with the Distinguished Name of your corporate naming context.
Replace ##WGFOREIGNOBJECTS## with the Distinguished Name of the container of the Quest ESSO naming context storing the users personal Quest ESSO data.
To know the value of this DN, you must have previously created the Quest ESSO default objects. By default the value of this DN is: ou=IAMForeignObjects,ou=Default, ou=ESSO,<dedicated suffix>

2.4.3 Setting Indexes on Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server Attributes

2.4.3.1 Setting Indexes on Standard Attributes

Set these attributes in the corporate and in the Quest ESSO dedicated naming contexts.
Since the administrator can change the attributes used for this search by modifying the UserSearchFilter registry value, he has to check if the attributes he chooses are indexed.

2.4.3.2 Setting Indexes on Quest ESSO Specific Attributes

The following Quest ESSO specific attributes must be indexed:
Set these specific attributes in the Quest ESSO dedicated naming context only.
If you want to use Web Access Manager with Quest ESSO, set the following attributes:
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating