Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Installation Guide

1. Overview 2. Preparing the Storage of Security Data in the LDAP Directory
2.1 Active Directory 2.2 Active Directory + ADAM or AD LDS 2.3 OpenLDAP 2.4 Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server 2.5 Novell eDirectory 2.6 IBM Tivoli Directory Server 2.7 Deploying a Workstation LDAP User Account
3 Installing Quest ESSO Controllers and Audit Databases 4 Installing and Configuring the Software Modules on the Workstations 5 Enabling the Self Service Password Request (SSPR) Capability 6. Enabling OTP Authentication 7 Enabling the Group Membership Modification Feature 8 Centralizing Parameters Using Group Policy Objects (GPO) 9 Installing Quest ESSO MSI Packages in Silent Mode Appendix A: Advanced Configuration: Audit Appendix B: Activating Traces Appendix C: Retrieving the Serial Number on a MiFARE RFID Badge

2.6.2 Setting ACLs on an IBM Tivoli Directory Server

Where the <DN> string must be replaced with the user DN.
To set Quest ESSO access permissions on the directory, apply the following LDIF file on the directory root:

2.6.3 Setting Indexes on IBM Tivoli Directory Server Attributes

2.6.4 Configuring Secure Authentication

With IBM Directory Server, Quest ESSO supports DIGEST-MD5 SASL mechanisms. This section explains how to configure Quest ESSO for DIGEST-MD5 with IBM Directory Server.

2.6.5 Configuring Data Securization

Quest ESSO supports TLS and SSL, but it is strongly recommended to configure your LDAP directory to support TLS.
In the Windows registry, under the HKLM/Software/Enatel/WiseGuard/FrameWork/Directory key, configure TLS with the following values:
TLS: TLS activation. The following values are available:
0: TLS is not activated to secure Quest ESSO communications.
TLSDemand: configures the behavior in case of TLS failure when it is activated:
TLSVerifyServerCertificate: checks the server certificate.
TLSCACertificateFile: enter the path to the CA certificate file.
TLSCACertificatePassword: enter the password used if needed to open the CA certificate file.
TLSCACertificateFileFormat file format used to store the certificate:
1 - IBM Keyring "CMS" file.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating