Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Installation Guide

1. Overview 2. Preparing the Storage of Security Data in the LDAP Directory
2.1 Active Directory 2.2 Active Directory + ADAM or AD LDS 2.3 OpenLDAP 2.4 Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server 2.5 Novell eDirectory 2.6 IBM Tivoli Directory Server 2.7 Deploying a Workstation LDAP User Account
3 Installing Quest ESSO Controllers and Audit Databases 4 Installing and Configuring the Software Modules on the Workstations 5 Enabling the Self Service Password Request (SSPR) Capability 6. Enabling OTP Authentication 7 Enabling the Group Membership Modification Feature 8 Centralizing Parameters Using Group Policy Objects (GPO) 9 Installing Quest ESSO MSI Packages in Silent Mode Appendix A: Advanced Configuration: Audit Appendix B: Activating Traces Appendix C: Retrieving the Serial Number on a MiFARE RFID Badge

2.5.4 Configuring Secure Authentication (Optional)

With Novell eDirectory, Quest ESSO supports the following SASL mechanisms:
NMAS: the SASL/NMAS mechanism allows the use of NMAS modular authentication from Novell, and allows a choice between available authentication sequences. Quest ESSO only supports the NDS sequence, which consists in a secure authentication with login and password.
This section explains how to configure Quest ESSO for DIGEST-MD5 and NMAS with Novell eDirectory.
In the Windows registry, set the DWORD value HKLM/Software/Enatel/WiseGuard/FrameWork/Directory/LdapAuthMethod as follows:

2.5.5 Configuring Data Securization

Quest ESSO supports TLS and SSL, but it is strongly recommended to configure your LDAP directory to support TLS.
In the Windows registry, under the HKLM/Software/Enatel/WiseGuard/FrameWork/Directory key, configure TLS with the following values:
TLS: TLS activation. The following values are available:
0: TLS is not activated to secure Quest ESSO communications.
TLSDemand: configures the behavior in case of TLS failure when it is activated:
TLSVerifyServerCertificate: checks the server certificate.
TLSCACertificateFile: enter the path to the CA certificate file.
TLSCACertificatePassword: enter the password used if needed to open the CA certificate file.

2.6 IBM Tivoli Directory Server

2.6.1 Extending the Schema of an IBM Tivoli Directory Server

To extend the schema of an IBM Tivoli Directory Server, two files are provided on the Quest ESSO installation package, in TOOLS\ESSODirectory\WGITDS:
User objects must possess the enatelUser auxiliary class to be able to use Quest ESSO.
Click the Manage schema files section.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating