NetIQ SecureLogin 9.0 Administration Guide

  NetIQ SecureLogin 9.0 Administration Guide

    Getting Started

      Recommendations

      Administrative Management Utilities

      Additional Information

    Configuration Tasks Before Deploying SecureLogin

      Setting User Preferences

      Disabling User Access

      Updating the Datastore Objects

      Changing the Organizational Unit Level Datastore

      Changing the Directory Datastore

      Deleting or Re-setting User Data

    Managing Preferences

      Changing Rights for Installing JREs

      Preferences Categories

      Default Preference Values

      Setting User Preferences

      Setting the Preferences

      Configuring the Exclude.ini File

    Managing Passphrases

      About Passphrases

      Creating a Passphrase Question

      Resetting a Passphrase Answer

      Changing the Passphrase Prompt

      Changing a Passphrase

    Managing Passphrase Policies

      About Passphrase Policies

      Changing a Passphrase Policy

      Enabling the Passphrase Security System

      Checking the Passphrase Security System Status

      Passphrase Security System Scenarios

    Managing Credentials

      About Credentials

      Creating a User Login and Credentials

      Deleting a User Login and Credentials

      Linking a Login to an Application

    Managing Password Policies

      About Password Policies

      Password Policy Properties

      Creating a New Password Policy

      Linking a Policy to an Application

    Managing Smart Card Integration

      How SecureLogin Uses Smart Cards

      Installing SecureLogin for Smart Cards

      Configuring SecureLogin for Smart Cards

      Using PKI Encryption for the Datastore and Cache

      Lost Card Scenarios

      Smart Card with DAS Integration

      Disconnected Login using NESCM

      SecureLogin in Kiosk Mode

      Enable Pin Caching for Smart Card

      Changing Smart Card Login Password on Expiry

    Support for Windows Hello for Business

      Protecting the SecureLogin Icon by Using Windows Hello for Business

      Reauthenticating Users by Using Windows Hello for Business

    Enabling Terminal Emulator Applications

      Enabling Terminal Emulator Applications

      Support for the MEDITECH Predefined Application

    Reauthenticating Applications

      Using the Administrative Management Utility

      Using the Application Definition Wizard

      Using the AAVerify Command

      Using the Risk Policy of Advanced Authentication

    Managing Application Definitions

      Responding to Application Messages

      Responding to Login Notifications

      Adding Support for Password Changes

      Responding to Change Password Notification

    Distributing Configurations

      About Distributing Configurations

      Distributing Configurations Within Directory Domains

      Setting Corporate Redirection

      Configuring Groups Within eDirectory

      Copying a Configuration Across Organizational Units

      Creating an Active Directory Group Policy

    Managing Configurations

      Exporting the Single Sign On Data in Encrypted XML Files

      Importing Single Sign-On Data in Encrypted XML Files

      Creating a Signing Key for Secure Distribution

      Locally Installing a Digital Signing Key

    Using the slAP Tool

      About the slAP Tool

      The slAP Syntax

    Migrating the Datastore Using the slMigrationHelper Tool

      Datastores Supported for Migration

      Migrating the Datastore

    Managing the Workstation Cache

      About the Workstation Cache

      Creating a Backup File

      Deleting the Workstation Cache

      Restoring the Local Cache Backup File

    Auditing and Logging

      About Auditing Tools

      About SNMP Auditing

      About Windows Event Log Alerts

      Creating a Windows Event Log Alert

      Logging Events

    Analytics Dashboard

      Advantages of Using Analytics Dashboard

      Who Can Access Analytics Dashboard

      Getting Started with Analytics Dashboard

      Events for Each Graph

      Types of Graphs

      Managing Graph Limit

      Set Time Range

    Audit Configuration for Sentinel

      Windows Event Log: An Overview

      WMS Connector

      Configuring Auditing

      Logging Events from LDAP

    Administering Desktop Automation Services

      Actions and Descriptions

      Using the DAS Editor to Configure Actions

      Example of an Action File

    Support for Tap to Switch User

      Prerequisites

      Configuring the Tap To Switch User Feature

    LDAP SSL Server Certificate Verification

      About LDAP SSL Server Certificate Verification

      Validating an LDAP SSL Server Certificate

      Enabling LDAP SSL Certificate Verification

    Security Considerations

    SecureLogin Security Role Configuration for Active Directory

      Directory Attributes

      Directory Permissions Assignment

      Assigning Permissions for SecureLogin Administrators

      Assigning Permissions for SecureLogin Help Desk

      Assigning SecureLogin Client Settings for Administrators and Help Desk Groups

    Limiting Concurrent Connections

      Registry Entry

      Schema Extension

      Setting the Attribute Values

    Support for Advanced Authentication

      Advanced Authentication Registry Settings

      Configuration of Advanced Authentication for SecureLogin

    VBA Emulators for SecureLogin

      Configuring VBA Emulators

      Configuring Reflections

      Creating a Macro

      Configuring the Emulator Type of Terminal Launcher

    Troubleshooting

      Unable to See Password Using ?syspassword If the User Is Authenticated Using Smart Card PIN

      SecureLogin Fails To Provide Single Sign-on to Virtual Applications

      SecureLogin Fails To Start For Domain Users On Windows Domains Or Domain Controller Servers

      Recovering a Forgotten Password

    Error Messages

    Schema Updates

      Schema Attributes

      Active Directory Environments

      LDAP Environments

      Security Rights Assignments

    Legal Notice