Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - SSOWatch Administrator Guide

1 Overview 2 SSOWatch 3 Configuration Editor: Enterprise SSO Studio
3.1 Interface Overview 3.2 Starting and Stopping Enterprise SSO Studio 3.3 Creating or Opening a Configuration 3.4 Configuring General SSO Parameters 3.5 Defining PFCP and Application Profiles 3.6 Defining Application and Technical Definition Objects 3.7 Defining Window Objects 3.8 Testing the SSO 3.9 Exporting or Importing Objects 3.10 Managing Objects in the Tree 3.11 Saving Object Configurations 3.12 Managing Configuration Updates 3.13 Refreshing the Tree
4 The Generic Plug-in 5 The Microsoft Internet Explorer Plugin  6 The SAP R/3 Plug-in 7 Terminal Type Applications 8 The HLLAPI Plug-in 9 Advanced Configuration 10 OLE/Automation Interface Appendix A: Cache Tuning and Asynchronous Update of the Application Data Appendix B: Integrating Care-FX with SSOWatch

2.13 Removing the Icon from the Notification Area

Once SSOWatch is started, an icon appears in the Windows notification area. In certain cases, it is preferable to remove this icon:
In a Citrix Metaframe/Windows Terminal Server environment, when published applications are used in conjunction with SSOWatch, an icon representing SSOWatch running on the server appears on the client PC notification area (in addition to any local SSOWatch which may be running).
The first key has precedence over the second. The /notrayicon command line has precedence over the Registry.
a)
In the SSOWatch command line (see 2.3.1 Starting SSOWatch), add the parameter /notrayicon.

3 Configuration Editor: Enterprise SSO Studio

Enterprise SSO Studio is the SSOWatch configuration editor. It allows you to describe the applications for which you want SSOWatch to enable Single Sign-On or account collect (in Access Collector mode), but which could not be configured through the Enterprise SSO Wizard.
Additionally, for those applications that have been configured using Enterprise SSO Wizard,
Enterprise SSO Studio enables you to modify or enhance their configuration.
In case SSOWatch used in Access Collector mode, Enterprise SSO Studio allows the administrator to configure all the enterprise applications for the users, so that users' account can be automatically collected in the users' directory.
Enterprise SSO Studio provides an easy-to-use graphic interface for defining configuration parameters. It is dedicated to application administrators, or to "super-users" who have access to all necessary parameters.
The defined application parameters result in the creation of a unique SSOWatch configuration file. You can define as many applications as needed; SSOWatch manages each application totally independently of others.
Its properties, such as acceptable password formats, its behavior as seen by the SSOWatch, the accounts that the user will use to connect to the application.
QEnterprise SSO Studio Types
The two following Quest Enterprise SSO Studio types are available:
Enterprise SSO Studio: the application configuration is shared by a number of users.
In LDAP storage mode, centralized configuration is defined in the LDAP directory for which SSO access is either authorized or denied for a given user or group of users.
In local storage mode, the configuration is saved in a file in the Windows registry.
In Enterprise mode, the administrator may create as many configurations as he or she wishes, and each configuration is saved in a file.
Quest ESSO can be installed in two different modes: With and without Controller (for more details, see Quest ESSO Installation Guide).
With Controller (Client/Server) mode, the configuration of applications is only partly done with SSO Studio: the technical definition of applications can be done with SSO Studio, but the application definition must be terminated from the Quest ESSO administration console (see Quest ESSO Console Administrator's Guide).

3.1 Interface Overview

Enterprise SSO Studio presents target application parameters as SSO objects organized into a tree structure.
Enterprise SSO Studio enables you to create, modify or delete objects and to store them in an LDAP directory (LDAP mode) or in a SSOWatch configuration file (local storage mode). It is a "single-document" application, which means that only one configuration can be edited at a time.
In Enterprise SSO Studio used in LDAP storage mode, the displayed tree corresponds to the associated LDAP directory defined at initialization time, as illustrated in the following example figure (interface example of Enterprise SSO Studio used in LDAP storage and with Controller).
In Enterprise SSO Studio used in local storage mode, or in Personal SSO Studio, the tree displayed is not linked to an LDAP directory, as illustrated in the following example figure (example interface of Personal SSO Studio).
In local storage mode, the configuration is defined with a root node called Local SSOWatch Configuration, to which two other nodes are attached. These are called Applications and Configuration Objects, and are used for Quest ESSO object declarations. 
The Enterprise SSO Studio main window is composed of:
(Enterprise SSO Studio only)
Creates a new SSO configuration.
(Enterprise SSO Studio only)
Opens an existing SSO configuration.
(Enterprise SSO Studio only)
Opens the SSO Settings by Population window, which allows you to define the population allowed to access the application.

3.2 Starting and Stopping Enterprise SSO Studio

This section explains how to start and stop Enterprise SSO Studio or Personal SSO Studio:
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating