Tivoli Access Manager for Enterprise Single Sign-On

Similar documents
Tivoli Access Manager for Enterprise Single Sign-On

Tivoli Access Manager for Enterprise Single Sign-On

Tivoli Access Manager for Enterprise Single Sign-On

IBM Tivoli Access Manager for Enterprise Single Sign-On: Authentication Adapter Version 6.00 September, 2006

Tivoli Access Manager for Enterprise Single Sign-On

Tivoli Access Manager for Enterprise Single Sign-On

Tivoli Access Manager for Enterprise Single Sign-On

Release Notes. IBM Tivoli Identity Manager Rational ClearQuest Adapter for TDI 7.0. Version First Edition (January 15, 2011)

Release Notes. IBM Tivoli Identity Manager Universal Provisioning Adapter. Version First Edition (June 14, 2010)

Release Notes. IBM Tivoli Identity Manager Oracle PeopleTools Adapter. Version First Edition (May 29, 2009)

Release Notes. IBM Security Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

IBM Tivoli Directory Server Version 5.2 Client Readme

iscsi Configuration Manager Version 2.0

Release Notes. IBM Tivoli Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

IBM Tivoli OMEGAMON DE for Distributed Systems

IBM Tivoli OMEGAMON XE for R/3

Tivoli Access Manager for Enterprise Single Sign-On

Workplace Designer. Installation and Upgrade Guide. Version 2.6 G

Tivoli Access Manager for Enterprise Single Sign-On

Limitations and Workarounds Supplement

IBM Tivoli Monitoring for Databases. Release Notes. Version SC

Migrating Classifications with Migration Manager

Netcool/Impact Version Release Notes GI

IBM Tivoli Identity Manager Authentication Manager (ACE) Adapter for Solaris

Release Notes. IBM Tivoli Identity Manager I5/OS Adapter. Version First Edition (January 9, 2012)

IBM WebSphere Sample Adapter for Enterprise Information System Simulator Deployment and Testing on WPS 7.0. Quick Start Scenarios

IBM License Metric Tool Version Readme File for: IBM License Metric Tool, Fix Pack TIV-LMT-FP0001

Build integration overview: Rational Team Concert and IBM UrbanCode Deploy

IBM Directory Server 4.1 Release Notes

Platform LSF Version 9 Release 1.1. Migrating on Windows SC

Integrated use of IBM WebSphere Adapter for Siebel and SAP with WPS Relationship Service. Quick Start Scenarios

Networking Bootstrap Protocol

Configuring IBM Rational Synergy to use HTTPS Protocol

Tivoli Switch Analyzer

Tivoli Access Manager for Enterprise Single Sign-On

Chapter 1. Fix Pack 0001 overview

IBM Rational Synergy DCM-GUI

IBM Tivoli AF/Remote

Platform LSF Version 9 Release 1.3. Migrating on Windows SC

Development tools System i5 Debugger

Application and Database Protection in a VMware vsphere Environment

IBM Operations Analytics - Log Analysis: Network Manager Insight Pack Version 1 Release 4.1 GI IBM

IBM Maximo for Aviation MRO Version 7 Release 6. Installation Guide IBM

CONFIGURING SSO FOR FILENET P8 DOCUMENTS

IBM Maximo for Service Providers Version 7 Release 6. Installation Guide

IBM Netcool/OMNIbus 8.1 Web GUI Event List: sending NodeClickedOn data using Netcool/Impact. Licensed Materials Property of IBM

Version 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM

IBM. Tivoli Usage and Accounting Manager (ITUAM) Release Notes. Version GI

Getting Started with InfoSphere Streams Quick Start Edition (VMware)

Version 1.2 Tivoli Integrated Portal 2.2. Tivoli Integrated Portal Customization guide

Version 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM

Tivoli Endpoint Manager for Patch Management - AIX. User s Guide

IBM Directory Integrator 5.1.2: Readme Addendum

Limitations and Workarounds Supplement

Installation and User s Guide

IBM Tivoli OMEGAMON XE for Databases

IBM Security QRadar Version Customizing the Right-Click Menu Technical Note

Installing Watson Content Analytics 3.5 Fix Pack 1 on WebSphere Application Server Network Deployment 8.5.5

IBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM

IBM License Metric Tool Enablement Guide

IBM Endpoint Manager Version 9.1. Patch Management for Ubuntu User's Guide

Performance Toolbox for AIX Version 3.1

Release 6.2 Installation Guide

Limitations and Workarounds Supplement

Best practices. Starting and stopping IBM Platform Symphony Developer Edition on a two-host Microsoft Windows cluster. IBM Platform Symphony

Patch Management for Solaris

IBM BladeCenter Chassis Management Pack for Microsoft System Center Operations Manager 2007 Release Notes

Using application properties in IBM Cúram Social Program Management JUnit tests

RSE Server Installation Guide: AIX and Linux on IBM Power Systems

A Quick Look at IBM SmartCloud Monitoring. Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update:

IBM Spectrum LSF Process Manager Version 10 Release 1. Release Notes IBM GI

IBM Kenexa LCMS Premier on Cloud. Release Notes. Version 9.3

Lotus Forms Designer 3. What s New

IBM Security QRadar Version Forwarding Logs Using Tail2Syslog Technical Note

IBM Storage Driver for OpenStack Version Release Notes

SMASH Proxy Version 1.0

IBM Maximo Calibration Version 7 Release 5. Installation Guide

IBM emessage Version 8.x and higher. Account Startup Overview

IBM Copy Services Manager Version 6 Release 1. Release Notes August 2016 IBM

Printing Systems Division. Infoprint Manager for AIX NLV Release Notes

Express Edition for IBM x86 Getting Started

IBM Operational Decision Manager Version 8 Release 5. Configuring Operational Decision Manager on Java SE

Installing and Configuring Tivoli Monitoring for Maximo

Version Release Notes GI

IBM Maximo Spatial Asset Management Version 7 Release 6. Installation Guide IBM

IBM Integration Designer Version 8 Release 5. Hello World for WebSphere DataPower Appliance IBM

IBM Storage Driver for OpenStack Version Installation Guide SC

Tivoli Access Manager for Enterprise Single Sign-On

IBM Operational Decision Manager. Version Sample deployment for Operational Decision Manager for z/os artifact migration

IBM Storage Management Pack for Microsoft System Center Operations Manager (SCOM) Version Release Notes

System i. Networking RouteD. Version 5 Release 4

Integrating IBM Rational Build Forge with IBM Rational ClearCase and IBM Rational ClearQuest

IBM UrbanCode Cloud Services Security Version 3.0 Revised 12/16/2016. IBM UrbanCode Cloud Services Security

IBM Maximo Spatial Asset Management Version 7 Release 5. Installation Guide

Proposal for a Tivoli Storage Manager Client system migration from Solaris with VxFS to Linux with GPFS or AIX with GPFS or JFS2

IBM Maximo Spatial Asset Management Version 7 Release 5. Installation Guide

Migrating on UNIX and Linux

IBM. Networking INETD. IBM i. Version 7.2

Tivoli Access Manager for Enterprise Single Sign-On

IBM Extended Command-Line Interface (XCLI) Utility Version 5.2. Release Notes IBM

Transcription:

Tivoli Access Manager for Enterprise Single Sign-On Version 6.0 Web Viewer Installation and Setup Guide SC32-1991-03

Tivoli Access Manager for Enterprise Single Sign-On Version 6.0 Web Viewer Installation and Setup Guide SC32-1991-03

Note: Before using this information and the product it supports, read the information in Notices, on page 13. This edition applies to version 6.0 of this adapter and to all subsequent releases and modifications until otherwise indicated in new editions. Copyright International Business Machines Corporation 2005, 2007. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

TAM E-SSO Web Viewer Installation and Setup Guide Table of Contents Welcome to TAM E-SSO Web Viewer... 6 Installation Overview... 7 System Requirements... 8 Minimum System Requirements... 8 Installation Steps... 9 5

TAM E-SSO Web Viewer Installation and Setup Guide Welcome to TAM E-SSO Web Viewer TAM E-SSO Web Viewer is an adaptation of TAM E-SSO s "Logon Manager" for the Web. TAM E-SSO Web Viewer enables users to retrieve passwords when they are using a Web-enabled machine on which TAM E-SSO is not available. The functionality is similar to the TAM E-SSO Logon Manager for viewing credentials. The most significant difference is that it is placed in a web browser, and focuses on security without sacrificing convenience to the user. 6

TAM E-SSO Web Viewer Installation and Setup Guide Installation Overview TAM E-SSO Web Viewer may be installed as an add-on component to TAM E-SSO. TAM E-SSO does not need to be installed prior to installing TAM E-SSO Web Viewer. However, if TAM E-SSO Agent is configured on the machine, some extra configuration steps have already been performed. The following is a brief overview of the steps that must be taken in order to successfully install TAM E-SSO Web Viewer. Each step is explained in detail later in this guide, Installation Steps. Review System Requirements Install TAM E-SSO Web Viewer Configure Internet Information Server settings Configure settings in the Windows Registry (if TAM E-SSO is not installed) Configure settings in the TAM E-SSO Administrative Console Accessing TAM E-SSO Web Viewer 7

TAM E-SSO Web Viewer Installation and Setup Guide System Requirements In order for TAM E-SSO Web Viewer to install and function properly, your system must meet at least the following requirements. Minimum System Requirements TAM E-SSO Administrative Console and Agent v6.0 or later. A Microsoft Active Directory or Microsoft ADAM Synchronizer must be installed and configured, with Windows Authentication v1. Microsoft Internet Information Server (IIS), version 5.0 or later. Microsoft Windows 2000 (SP3+), Windows Server 2003 For security reasons, this server machine should not be the Domain Controller, and TAM E-SSO should not be installed on this machine. Microsoft.NET 2.0 Windows Installer 3.1 Internet Explorer 6.0 or higher with 128-bit encryption on client machines Pentium III 733 MHz 128 MB RAM ~ 1 MB disk space 8

TAM E-SSO Web Viewer Installation and Setup Guide Installation Steps Follow these steps to install and configure TAM E-SSO Web Viewer. Step 1: Review System Requirements Make sure you have carefully reviewed the system requirements. Step 2: Install TAM E-SSO Web Viewer Follow these steps to install and configure the TAM E-SSO Web Viewer Client Agent. 1. Close all programs. 2. Place the TAM E-SSO installation CD in your CD-ROM drive and the TAM E- SSO Main Menu appears automatically (or start the installation from a shared network drive). 3. Click Web Viewer to begin the installation. 4. The Welcome Panel appears. Click [Next>]. 5. The License Agreement panel appears. Read the license agreement carefully. Select I accept the terms in the license agreement and click [Next>] to continue. 6. Select the Standard setup type and click [Next>]. (Custom setup is an option, if the Web Viewer must be installed to a non-default directory; the same components are installed in either case.) 7. TAM E-SSO Web Viewer is ready to be installed. Click [Install>]. 8. Wait for the installation to complete. When it is done, click [Finish]. 9

TAM E-SSO Web Viewer Installation and Setup Guide Step 3: Configure security settings for IIS As part of installation, TAM E-SSO Web Viewer is set to operate as the default IIS user. This account generally has insufficient permission to accomplish its tasks, however, and it is therefore suggested that this user be replaced with an administrative account on the domain. This can be accomplished by opening the Internet Information Services applet in Control Panel (Control Panel/Administrative Tools/Internet Information Services), locating the entry for the TAM E-SSO Web Viewer, installed as a Default Web Site with the name SSOWebViewer. View the Properties (available from the Context Menu on right-click), and select the Directory Security tab. Edit the Anonymous access and authentication control items, uncheck Allow IIS to control password, and type the Username and Password for the account into the appropriate boxes. Windows will ask you to confirm this password. Be sure that this user has logged into the machine at least once. When in use, the Web Viewer stores temporary content under this user s profile, which will not exist until the user logs in. Software or settings should also be set to not delete this profile on logoff if it has been set otherwise in the past. Step 4: Configure settings in the Windows Registry After you install TAM E-SSO Web Viewer, you must configure some settings in the Windows registry so that Web Viewer has access to the credential repository. If TAM E-SSO Agent is running on the machine, this configuration already exists and you do not need to change anything in the registry. If TAM E-SSO Agent is not installed, this configuration (a simplification of TAM E- SSO s SyncManager configuration) must be applied manually. If preferred, this information can also be copied from an existing TAM E-SSO installation and/or may be set through the TAM E-SSO Administrative Console. This configuration should match that of a working TAM E-SSO installation on the network. For example, in the absence of any other TAM E-SSO products and a simple example configuration (no Configuration Objects, vgolocators used), the following would be appropriate. 1. Open the Windows Registry and drill down to the following node:, HKEY_LOCAL_MACHINE\SOFTWARE\Passlogix\Extensions\SyncManager\Syncs\<subkey> <subkey> Underneath the Syncs key, you must create a subkey for the server of interest. The subkey name should correspond with the server name (many TAM E-SSO installations call it ADEXT, the default Active Directory name from TAM E-SSO). In each of these subkeys, the following values must be added: 10

TAM E-SSO Web Viewer Installation and Setup Guide Value Name Type Description UserPath1 String The user path on this server. For example, ou=users,dc=company,dc=com. Path String Set to the path of ADSync.dll on your system. UseSSL DWORD If the repository server accepts SSL connections from the TAM E-SSO Agent, set to 1. Otherwise, set to 0. 2. In the server subkey, a Servers subkey must be created, with a single value inside it: Value Name Type Description Server1 String The address of the server in question. For example, webviewermachine.company.com. 3. Finally, higher up the tree, underneath the Syncs key, you must supply another value: Value Name Type Description SyncOrder String The list of server keys created above, commadelimited, in order of usage. For example, if one server exists, webviewermachine, or for multiple servers, server1,server2,server3. Step 5: Configuring Settings in the TAM E-SSO Administrative Console Configuration settings specific to the TAM E-SSO Web Viewer are located in the TAM E-SSO Administrative Console. Open the console by pointing to Start > Programs > TAM E-SSO > TAM E-SSO Console. Right-click Global Agent Settings, point to Import, click From Live HKLM. Expand Live. Click Web Viewer. Adjust the following settings to your preference: Setting Password Reveal Timeout Session Timeout Description Controls the time (in seconds) until the Credential Detail screen removes a revealed password. The default is 45 seconds. Controls the timeout for Web Viewer. After this amount of time of inactivity, the user will automatically be logged out. The default is 5 minutes. 11

TAM E-SSO Web Viewer Installation and Setup Guide Step 6: Accessing TAM E-SSO Web Viewer To access the Web Viewer: 1. Open a Web Browser and enter this address: http://localhost/ssowebviewer/login.aspx where localhost is replaced with the actual server machine s IP address, if this is set up on a server where users will be accessing it from remote sites. 2. Log onto Web Viewer using the Active Directory username and password for the user. 12

Appendix. Notices This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user s responsibility to evaluate and verify the operation of any non-ibm product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: IBM World Trade Asia Corporation Licensing 2-31 Roppongi 3-chome, Minato-ku Tokyo 106-0032, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-ibm Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Copyright IBM Corp. 2005, 2007 13

Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged should contact: IBM Corporation 2ZA4/101 11400 Burnet Road Austin, TX 78758 U.S.A. Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this information and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. Trademarks The following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both: AIX DB2 developerworks eserver IBM iseries Lotus Passport Advantage pseries RACF Rational Redbooks Tivoli WebSphere zseries Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. 14 IBM Tivoli Access Manager for Enterprise Single Sign-On: Web Viewer Installation and Setup Guide

Intel, Intel Inside (logos), MMX and Pentium are trademarks of Intel Corporation in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Linux is a trademark of Linus Torvalds in the U.S., other countries, or both. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Other company, product, and service names may be trademarks or service marks of others. Appendix. Notices 15

16 IBM Tivoli Access Manager for Enterprise Single Sign-On: Web Viewer Installation and Setup Guide

Printed in USA SC32-1991-03

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback