Oracle Enterprise Single Sign-on Authentication Manager. Release Notes Release E

Similar documents
Oracle Enterprise Single Sign-on Kiosk Manager

Oracle Enterprise Single Sign-on Kiosk Manager. User Guide Release E

Oracle Enterprise Single Sign-on Authentication Manager

Tivoli Access Manager for Enterprise Single Sign-On

Oracle Enterprise Single Sign-on Logon Manager. Installation and Setup Guide Release E

Oracle Enterprise Single Sign-on Authentication Manager. Installation and Setup Guide Release E

Oracle Information Rights Management Oracle IRM Windows Authentication Extension Guide 10gR3 August 2008

Primavera Portfolio Management Reporting Views for SQL Server databases

Oracle EnterpriseSingle Sign-on Authentication Manager. Installation and Setup Guide Release E

Adaptive Risk Manager Challenge Question Cleanup 10g ( ) December 2007

Oracle Information Rights Management Sealed for Lotus Notes Extension 10gR3 PR3 May 2008

OIPA System Requirements. Oracle Insurance Policy Administration - Life Release 8.1 E May 2009

Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved.


Oracle Enterprise Single Sign-on Provisioning Gateway

Governance, Risk, and Compliance Controls Suite. Hardware and Sizing Recommendations. Software Version 7.2

Oracle Enterprise Single Sign-on Logon Manager

Oracle Enterprise Single Sign-on Logon Manager How-To: Configuring ESSO-LM Event Logging with Microsoft SQL Server 2005 Release

Oracle Enterprise Manager

Oracle Enterprise Manager

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

System Monitoring Plug-in Installation Guide for Microsoft Internet Information Services Release 4 ( ) Versions Supported

Oracle Enterprise Single Sign-on Provisioning Gateway

AutoVue Integration SDK. Security and Authentication Guide

Oracle Application Access Controls Governor. Release Notes Release 8.0.1

USING ADMINISTRATOR FEATURES

Oracle Enterprise Manager. Description. Platforms Supported. Versions Supported

PEOPLESOFT FINANCIALS/SUPPLY CHAIN MANAGEMENT 9 MAINTENANCE PACK 13 DELTA

Oracle Enterprise Manager. Description. Versions Supported. Prerequisites

Oracle Workflow Builder for Windows 2000 or Windows XP. Oracle XML Gateway Message Designer for Windows 2000

1 Review Information About this Guide

1 Review Information About this Guide

Oracle Database. Products Available on the Oracle Database Examples Media. Oracle Database Examples. Examples Installation Guide 11g Release 1 (11.

Oracle Enterprise Manager. Description. Versions Supported. Prerequisites

GRCC Reporting Framework BIP for GRCC Admin/Implementation Guide

2 Records Manager Updates

Oracle Enterprise Single Sign-on Logon Manager Best Practices: Deploying ESSO-LM with the Windows Authenticator Version 2 Release

Oracle Retail Category Management Release Notes Release April 2007

JD Edwards EnterpriseOne 8.12 Standalone Client Installation Guide. for the Oracle Application Server

March 2011

PDF Quick Reference. Oracle Health Sciences InForm CRF Submit Release Part Number: E

Oracle Alert Documentation Updates

Oracle Enterprise Manager. Description. Versions Supported. System Monitoring Plug-in Installation Guide for EMC CLARiiON System Release 5 (

Siebel Application Deployment Manager Guide. Version 8.0, Rev. A April 2007

Oracle Retail Demand Forecasting Installation Guide Release 12.0 May 2006

IVS Explorer User s Guide. Oracle Insurance Policy Administration - Life Release 8.1 E May 2009

Oracle Enterprise Single Sign-on Provisioning Gateway. Installation and Setup Guide Release E

New Features in Primavera Professional 15.2

AutoVue Document Print Service. Overview

Oracle Standard Management Pack

Oracle is a registered trademark, and Oracle Rdb, Oracle RMU and Oracle SQL/Services are trademark or registered trademarks of Oracle Corporation.

Secure Configuration Guide

Oracle Retail WebTrack Release Notes Release September 2007

Adaptive Risk Manager Offline PoC Guide 10g ( ) December 2007

Adaptive Strong Authenticator Configuration Guide 10g ( ) December 2007

Oracle Enterprise Single Sign-on Provisioning Gateway. Novell Identity Manager Integration and Installation Guide Release


Copyright

Getting Started with Attunity Replicate on Amazon EC2. Version 6.0

JavaFX. JavaFX System Requirements Release E

Oracle Insurance QuickView Service Ordering User Guide. Version 8.0

Primavera Portfolio Management 9.1 Bridge for Microsoft Office Project Server 2007 Users Guide

Technical Enhancements

Oracle Enterprise Manager

Oracle VueLink for Documentum

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

1 Important Configuration Changes

Overview of the Plug-In. Versions Supported

Primavera Portfolio Management 9.1 Bridge for Primavera P6 Users Guide

Oracle Enterprise Manager

equestionnaire User Guide

Reporting User Guide. Prodika Product Lifecycle Management. Release 5.1

Oracle Enterprise Manager. Description. Versions Supported

Oracle Utilities Work and Asset Management

Oracle Enterprise Single Sign-on Logon Manager Best Practices: Template Configuration and Diagnostics for Mainframe Applications Release

Oracle Endeca Commerce Compatibility Matrix

Oracle Retail Demand Forecasting Installation Guide Release June 2007

Oracle Access Manager

BAA Oracle EBS R12.1 isupplier Portal Created on 11/26/2012 3:18:00 PM

JavaFX. JavaFX System Requirements Release E

Synchronous SAP Connector

Document Reference Library User Guide

Oracle Retail Replenishment Optimization Installation Guide Release April 2008

ORACLE DATA INTEGRATOR ADAPTER FOR HYPERION FINANCIAL MANAGEMENT GETTING STARTED

Oracle Enterprise Manager. 1 Introduction. System Monitoring Plug-in for Oracle Enterprise Manager Ops Center Guide 11g Release 1 (

Oracle Governance, Risk and Compliance Controls. Deployment with WebLogic Release 8.6.0

Copyright

Cover Page. Oracle Report Parser System Administration Guide 10g Release 3 ( ) March 2007

Siebel Brightware. Implementation Readiness Guide. Version 8.1.6

Computer Aided Compliance Screening User Guide

JD Edwards EnterpriseOne Licensing

Oracle Retail Allocation Operations Guide Addendum Release November 2006

Oracle Tuxedo Mainframe Adapter for SNA

Oracle Enterprise Manager

Oracle CADView-3D. Translator's User's Guide Release 12. Part No. B

Oracle Hospitality OPERA Exchange Interface Cloud Authentication. October 2017

Copyright

Configuration Fixes for Encryption

JD Edwards World Electronic Burst and Bind Guide. Version A9.1

Copyright

Transcription:

Oracle Enterprise Single Sign-on Authentication Manager Release Notes Release 10.1.4.1.0 E12622-01 October 2008

Oracle Enterprise Single Sign-on Authentication Manager Release Notes, Release 10.1.4.1.0 E12622-01 Copyright 2006-2008, Oracle. All rights reserved. The Programs (which include both the software and documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the Programs, including documentation and technical data, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement, and, to the extent applicable, the additional rights set forth in FAR 52.227-19, Commercial Computer Software- -Restricted Rights (June 1987). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065. The Programs are not intended for use in any nuclear, aviation, mass transit, medical, or other inherently dangerous applications. It shall be the licensee's responsibility to take all appropriate fail-safe, backup, redundancy and other measures to ensure the safe use of such applications if the Programs are used for such purposes, and we disclaim liability for any damages caused by such use of the Programs. Oracle, JD Edwards, PeopleSoft, and Siebel are registered trademarks of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. The Programs may provide links to Web sites and access to content, products, and services from third parties. Oracle is not responsible for the availability of, or any content provided on, third-party Web sites. You bear all risks associated with the use of such content. If you choose to purchase any products or services from a third party, the relationship is directly between you and the third party. Oracle is not responsible for: (a) the quality of third-party products or services; or (b) fulfilling any of the terms of the agreement with the third party, including delivery of products or services and warranty obligations related to purchased products or services. Oracle is not responsible for any loss or damage of any sort that you may incur from dealing with any third party.

Oracle Enterprise Single Sign-on Authentication Manager 10.1.4.1.0 Table of Contents Oracle Enterprise Single Sign-on Authentication Manager 10.1.4.1.0... 4 What's New in ESSO-AM 10.1.4.1.0... 5 What's Changed in ESSO-AM 10.1.4.1.0... 7 Resolved Issues... 8 Open Issues... 9 Hardware and Software Requirements... 10 Product Documentation... 14 Page 3

ESSO-AM Release Notes Oracle Enterprise Single Sign-on Authentication Manager 10.1.4.1.0 Oracle is releasing version 10.1.4.1.0 of Oracle Enterprise Single Sign-on Authentication Manager (ESSO-AM). These release notes provide important information about this release. The information in this document supplements and supersedes information in the related product documents. Page 4

What's New in ESSO-AM 10.1.4.1.0 What's New in ESSO-AM 10.1.4.1.0 ESSO-AM integrates with most authentication methods and provides support for both primary logon and re-authentication requests (i.e., forced re-authentication, session timeout, or application-specific authentication request) for both connected and disconnected use. The major new features of this product include: Read-Only Smart Card Support ESSO-AM now supports read-only smart cards. To install support for this authenticator, during installation select Read-Only Smart Card on the Custom Setup panel. Advanced settings are available in the ESSO-LM Administrative Console. Open the console by clicking Start > Programs > Oracle > ESSO-LM > ESSO-LM Console. To access the readonly smart card settings, click Global Agent Settings > Live > Primary Logon Methods > Read-Only Smart Card > Advanced. See the Supported Authenticators section in this document for a list of supported read-only smart cards. Refer to the ESSO-AM Installation and Setup Guide for additional information on configuring read-only smart cards. Fujitsu mpollux DigiSign Client and ESSO-KM: Support for Fujitsu mpollux DigiSign Client used in conjunction ESSO-KM is available in preview-mode only. This functionality is considered Beta in the 10.1.4.1.0 release. Enhanced Reset Certificate Configuration Smart Card and Read-Only Smart Card authenticators now provide the ability to specify the certificate used for certificate-based reset through the use of an Object Identifier (OID). These authenticators search the "Enhanced Key Usage" attribute of each certificate on the smart card for this Object Identifier. This feature is set in the ESSO-LM Administrative Console on the Global Agent Settings > Live > Primary Logon Methods > (Read-Only Smart Card and Smart Card) > Advanced panel. The setting is Reset Certificate Object Identifier Refer to the ESSO-AM Installation and Setup Guide for additional information on configuring this setting. Secondary Authentication API Smart Card and Read-Only Smart Card Authenticators provide the option to enable a passphrase to authenticate the user in the case that the originally enrolled smart card is replaced. If the use of a passphrase is undesirable, the passphrase prompt can be eliminated by implementing an alternate solution through the use of the Secondary Authentication API. This feature can only be invoked when the Smart Card or Read-Only Smart Card Passphrase is set to use Enable (using a dialog box) as the passphrase. This feature is set in the ESSO- LM Administrative Console on the Global Agent Settings > Live > Primary Logon Methods > (Read-Only Smart Card and Smart Card) > Advanced panel. Page 5

ESSO-AM Release Notes Support for Active Directory Application Mode with Smart Card and Read- Only Smart Card Authenticators The Active Directory Application Mode (ADAM) repository is now supported when integrating with ESSO-KM and using Smart Card or Read-Only Smart Card authenticators. Page 6

What's Changed in ESSO-AM 10.1.4.1.0 What's Changed in ESSO-AM 10.1.4.1.0 Authenticator Technical Notes In previous releases, technical notes about the supported authenticators were listed in the Technical Notes section of these Release Notes. With this release, they are listed in an Authenticator Configuration Settings section of the ESSO-AM Installation and Setup Guide. Smart Card and ESSO-KM Integration The Store Synchronization Credentials setting configures whether to store the user s synchronization repository credentials on the smart card. It should be set to "Store credentials" when using Smart Card authenticator with ESSO-KM. Previously, the synchronization credentials were always stored on the card. This setting is set to "Do not store credentials" by default and is located on the Global Agent Settings > Live > Primary Logon Methods > Smart Card > Advanced panel in the ESSO- LM Administrative Console.. Page 7

ESSO-AM Release Notes Resolved Issues Issues that were reported in earlier releases of ESSO-AM that have been resolved in this release include: Tracking Number a11007 a10519 a10571 a10640 a10554 a10813 Description of Issue When using the Proximity Card authenticator with the ADAM synchronizer, if the name of the ADAM partition name reflects a domain other than the user's domain, the authenticator cannot locate the user. The issue is that the authenticator attempts to use the domain referenced in the ADAM partition name, and not the user's actual domain. Proximity card with ESSO-KM: When starting a new ESSO-KM session with a proximity card, the user receives an "Invalid PIN" message and ESSO-KM does not unlock. The user is unable to complete the First Time Use (FTU) enrollment process in the Smart Card authenticator when using a Cryptoflex e-gate smart card in an Axalto 5.2 or Schlumberger 4.4.3 environment when Use default certificate for authentication is set to Use SSO-generated keys. The version information for the built InstallShield 2008 setup.exe file gets truncated at different lengths. This information can be viewed when right-clicking the setup.exe and checking the Version tab. Fields such as Product Name and Product Version are affected. Extended proximity card functionality to work with two additional proximity readers: RF IDeas pcprox USB RDR-6382AKU for Indala Flexcard and RF IDeas pcprox USB RDR-6E82AKU for EM Compatible devices. Users going through the FTU wizard using the RSA SecurID authenticator in a RSA LAC environment will see a message that indicates "Authentication Failed". This message displays when a standard user is logged into the machine. Page 8

Open Issues Open Issues This section describes issues that remain open in this release. Tracking Number a11487 a11542 Description After using read-only smart cards or proximity cards to start a new session in ESSO-KM, ESSO-LM does not respond to pre-defined applications until a synchronization event occurs. To work around this issue, disable the ESSO-KM Cached Credentials feature, located on the Global Agent Settings > Live > Kiosk Manager > Cached Credentials panel. When using Read-Only Smart Card authenticator with Fujitsu mpollux DigiSign Client and ESSO-KM, you may experience a delay of up to 20 seconds after a card is inserted into the reader, before being prompted for the PIN. Page 9

ESSO-AM Release Notes Hardware and Software Requirements The ESSO-AM hardware and software requirements are listed under the following sections: Supported Operating Systems System Requirements Software Prerequisites Supported Authenticators Supported Operating Systems The ESSO-AM components are supported on the following operating systems: Operating System Microsoft Windows 2000 Microsoft Windows XP Versions Supported SP4 SP2 Microsoft Windows Server 2003 SP1 System Requirements The ESSO-AM components system requirements are as follows: Disk Space Requirements Disk space requirements for the Agent: Minimum, excluding temporary space and runtime expansion Temporary disk space (/tmp) needed during installation MSI 15 MB 30 MB 20 MB EXE 20 MB 40 MB 25 MB For runtime expansion (configuration data and logs) Other Disk Space Requirements The following components require additional disk space requirements: Microsoft.NET Framework 2.0: 20 MB hard drive space (if not present) Microsoft Windows Installer: 20 MB hard drive space (if not present and if used) A note about the MSI installer and EXE installer The disk space requirements are different for the MSI and EXE installers as there are differences in the capabilities of these installers: The EXE installer file can be run in multiple languages. The MSI file is English-only. Page 10

Hardware and Software Requirements Software Prerequisites The ESSO-AM Agent requires the following software prerequisites: ESSO-LM This release requires ESSO-LM 10.1.4.0.5 Agent and Administrative Console with Fix Pack 3 applied. ESSO-KM If integrating with ESSO-KM, this release requires ESSO-KM 10.1.4.0.4 with Fix Pack 3 applied. Authenticator Software The client software for each authenticator must be installed. Strong authenticator clients are likely to have their own system requirements, which may differ from the requirements of ESSO-AM. Please refer to the strong authenticator s documentation to review the system requirements. Windows Installer Windows Installer 2.0 is required for the MSI installer file. Microsoft.NET Framework Microsoft.NET Framework 2.0 is required for the ESSO-LM Administrative Console. Page 11

ESSO-AM Release Notes Supported Authenticators ESSO-AM supports the following authenticators: Authenticator Authenticator brand and version supported Smart Card GemSafe Libraries 4.2.0 GemSafe GXPPro-R3.x STD PTS smart cards GemSafe GXPPro-R3.x FIPS PTS smart cards Schlumberger Cyberflex Access 4.3 Axalto Access Client Software 5.2 Cryptoflex e-gate 32K smart cards RSA Authentication Client 2.0 / Smartcard Middleware 2.0 RSA Smart Card 5200 smart cards RSA Smart Key 6200 RSA SecurID SID800 hardware authenticator NetMaker Net id 4.6 NetMaker Net id - CardOS 1 smart cards SafeSign/RaakSign Standard 2.3 ORGA JCOP21 v2.2 smart cards Microsoft Base Smart Card CSP Gemalto Cryptoflex.NET smart cards HID Crescendo 200 HID Crescendo 700 HID C700 middleware HID C200 mini-driver for MS BASE Smart Card CSP Read-Only Smart Card SafeSign Identity Client 2.2.0 IBM JCOP21id Fujitsu mpollux DigiSign Client 1.3.2-34(1671) DigiSign JCOP with MyEID Applet Xyloc Ensure Tech lock Ensure Tech Xyloc XC-2 badges Xyloc client 8.4.6 Xyloc Active Directory Schema Extension 4.2.6 Xyloc Active Directory UI Extension 4.2.0 Sphinx OmniKey Cardman 5121 reader HID iclass 16k CL proximity cards Sphinx Logon Manager v3.2.36 Sphinx CardMaker v3.2.36 SAFLink Precise Biometrics 100 series reader SAFsolution(R) Enterprise Edition Version 1.3 Entrust Entrust Desktop Solutions 6.1 Proximity Card OmniKey Cardman 5125 reader o HID Proximity 125 khz Credentials 1386 ISOProx II 1336 DuoProx II 1346 ProxKey II OmniKey Cardman 5121 reader OmniKey Cardman 5321 reader Page 12

Hardware and Software Requirements Authenticator Authenticator brand and version supported o iclass Contactless 13.56 MHz Credentials 2080 ICLASS Clamshell Card o FlexSmart Series /MIFARE / DESFire - 13.56 MHz Credentials 1430 MIFARE ISO Card 1450 DESFire ISO Card RF IDeas pcprox USB RDR-6382AKU o Indala FlexCard RF IDeas pcprox USB RDR-6E82AKU o EM wristband RSA SecurID RSA Authentication Agent 6.1 for Windows RSA Local Authentication Toolkit (LAT) RSA SecurID SID800 hardware authenticator RSA SecurID SID700 hardware authenticator SoftID Helper RSA SecurID Software Token 3.0.3 RSA Authentication Client 2.0 RSA SecurID SID800 hardware authenticator RSA SecurID SID700 hardware authenticator Page 13

ESSO-AM Release Notes Product Documentation The following documentation supports this product: ESSO-AM Installation and Setup Guide ESSO-LM Administrative Console Help ESSO-LM Agent Help Page 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback