Because osesm uses the operating system to authenticate user credentials, it does not have many configuration parameters. For information on the configuration fields, in the Edit Security Manager screen's left hand pane, select the
option.The osesm module also supports some additional configuration that can be set by editing the text in the Configuration Information area. Text in this area is organized into sections which begin with a tag in square brackets, followed by lines of the form: name=value.
Below are the various configuration sections you can configure, and the options that can be set in each section.
Sets the default domain for checking the user's credentials. By default this is ".", which means to try to log the user on to the local system.
Sets the type of logon to use. Windows supports a number of logon types. Servers typically use the network logon to verify user credentials, as it is supposed to be faster and use less resources. However, it requires that the user has the "Use this computer over a network" right, which some user accounts may not have. If you find users cannot log on using their correct domain usernames and passwords, try setting this to interactive, which will perform a full Windows interactive logon.
The default is network.
Sets the passtoken creation and use privileges:
The default is none. Set it to self if you want to be able to move between MFDS and ESMAC without signing on twice.
Enables trace messages for the osesm Verify operation. Trace messages are written to the same location as error messages, for example the console log. Tracing is useful in diagnosing issues, but might reveal sensitive data to an attacker who can obtain copies of log files. Disable tracing when it is not needed.