Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Installation Guide

1. Overview 2. Preparing the Storage of Security Data in the LDAP Directory
2.1 Active Directory 2.2 Active Directory + ADAM or AD LDS 2.3 OpenLDAP 2.4 Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server 2.5 Novell eDirectory 2.6 IBM Tivoli Directory Server 2.7 Deploying a Workstation LDAP User Account
3 Installing Quest ESSO Controllers and Audit Databases 4 Installing and Configuring the Software Modules on the Workstations 5 Enabling the Self Service Password Request (SSPR) Capability 6. Enabling OTP Authentication 7 Enabling the Group Membership Modification Feature 8 Centralizing Parameters Using Group Policy Objects (GPO) 9 Installing Quest ESSO MSI Packages in Silent Mode Appendix A: Advanced Configuration: Audit Appendix B: Activating Traces Appendix C: Retrieving the Serial Number on a MiFARE RFID Badge

4.4 Installing French Healthcare Smart Cards (CPS)

1.
2.
In the Select a task list, select Install software modules.
3.
In the Software Installation task list, click Install French Healthcare (CPS) smart cards.

4.5 Installing Finger Vein Biometric Drivers

1.
2.
In the Select a task list, select Install software modules.
3.
In the Software Installation task list, click Install finger vein biometric drivers.

4.6 Modifying the Possible Domains List

Upon the Quest ESSO installation process in multi-domain mode, you may need to modify the list of possible domains displayed by the authentication windows of Quest ESSO workstation clients. The following procedure describes how to modify the possible domains list.
Only for Quest ESSO in multi-domain mode with Active Directory or Active Directory/ADAM (or Active Directory/AD LDS) architectures.
1.
On the wanted Quest ESSO Controller, start Registry Editor.
2.
In the HKLM\Software\Enatel\WiseGuard\FrameWork\Directory, add the following value:

5 Enabling the Self Service Password Request (SSPR) Capability

This section describes how to install and activate the Self Service Password Request (SSPR) capability, from downloaded Quest ESSO installation package. You can install these components on any supported Windows systems.
In silent mode: command line options allow you to specify installation options for each of the installation packages: see 9., "Installing Quest ESSO MSI Packages in Silent Mode".
The silent installation can only be used for updating the web server: the MSI does not include the Apache server installation, which is a prerequisite for the Self-Service Password Request and the
Quest ESSO API.
From a workstation where Quest ESSO Console is installed, do the following:
Enable the Password never expires option for this account.
If you start Quest ESSO Console in hardware protection mode, assign a smart card to this user account using Quest ESSO Console, with the following guidelines (this card will be used by the Quest ESSO Security Services to enable the Self Service Password Request (SSPR) capability):
The owner of this token must have the Delegate the right to retrieve SSO data administration right.
The user must have authenticated at least once on Quest ESSO; so that specific administration rights to manage Self Service Password Request (SSPR) can be delegated to him/her:
In classic administration mode: SSO Data Recoverer administration role.
Check that port 80 is not used.
1.
If you have chosen the Hardware protection mode at Quest ESSO primary controller initialization (see 3.3, "Initializing the Primary Controller"), install the driver for your smart card reader.
2.
Start the Administration Tools interface, as described in 3.1, "Starting the Administration Tools window".
If you want to install a standalone Quest ESSO SSPR Web server on a 64-bit environment, where no other Quest ESSO package (client or controller) is installed and will never be installed, you must select the 32-bit installer.
Use the 64-bit installer only if another Quest ESSO 64-bit package is already installed on the computer.
3.
In the Select a task drop-down list, click Install Self Service Password Request capability:
4.
If you are installing Self Service Password Request (SSPR) on a workstation where no other Quest ESSO software module is running, click Configure workstation and follow the displayed instructions (for details, see 4.1, "Configuring Workstations").
5.
Click Install Quest ESSO Web Server.
a)
Select the Self Service Password Reset check box.
b)
To use the SSPR server with Advanced Login, select the Web Service check box.
7.
Click the Install (or Update) button to launch installation.
This Apache web server runs with the Apache mod_ssl module, PHP (used by the Self Service Admin Portal) and the gSOAP module (used by Advanced Login in connected mode).
8.
In the Administration Tools window, click Define administrator credentials for Self Service Password Request.
If you have chosen the Software protection mode, select Software credentials and fill-in the Software credentials area with the credentials of the dedicated user account allowed to manage SSPR (see Before Starting above).
If you have chosen the Hardware protection mode, select Hardware credentials, insert the SSPR smart card previously created in the smart card reader and provide the PIN for the smart card.
10.
Click OK to register the administrator’s credentials
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating