Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Installation Guide

1. Overview 2. Preparing the Storage of Security Data in the LDAP Directory
2.1 Active Directory 2.2 Active Directory + ADAM or AD LDS 2.3 OpenLDAP 2.4 Netscape iPlanet / Sun Java System / Red Hat / Fedora Directory Server 2.5 Novell eDirectory 2.6 IBM Tivoli Directory Server 2.7 Deploying a Workstation LDAP User Account
3 Installing Quest ESSO Controllers and Audit Databases 4 Installing and Configuring the Software Modules on the Workstations 5 Enabling the Self Service Password Request (SSPR) Capability 6. Enabling OTP Authentication 7 Enabling the Group Membership Modification Feature 8 Centralizing Parameters Using Group Policy Objects (GPO) 9 Installing Quest ESSO MSI Packages in Silent Mode Appendix A: Advanced Configuration: Audit Appendix B: Activating Traces Appendix C: Retrieving the Serial Number on a MiFARE RFID Badge

2.3.1 Extending the Schema of an OpenLDAP Directory

To extend the schema of an existing OpenLDAP directory, the wiseguard.schema file is provided on the Quest ESSO installation package, in TOOLS\ESSODirectory\WGOpenLdapSetup.
Include the Quest ESSO schema definition after the standard schema definitions by adding the following command line in slapd.conf:

2.3.2 Setting ACLs on an OpenLDAP Directory

To position ACLs on an OpenLDAP directory, use the wiseguard-em.acl file located on the Quest ESSO installation package, in TOOLS\ESSODirectory\WGOpenLdapSetup.
If you want to authenticate as an administrator in Quest ESSO, you must create a user or a group of users and give it administration rights in the directory.
Edit slapd.conf to set your ACLs, with the following guidelines:
The access directive, which is used to set ACLs is complex. It allows very fine control over who can access what objects and attributes and under what conditions. The side-effect of this complexity and power is that it is very easy to get the access directive wrong. You must thoroughly test ACL directives with all possible permissions.
The access directive may be placed in either the global or the database section of slapd.conf.

2.3.3 Setting Indexes on OpenLDAP Attributes Setting Indexes on Standard Attributes

Since the administrator can change the attributes used for this search by modifying the UserSearchFilter registry value, he has to check if the attributes he chooses are indexed.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating