Enterprise Single Sign-On 8.0.3

For Internal Use Only

Additional Dedicated Server Instance

8.0.3


Copyright © 1998-2009 Quest Software and/or its Licensors

ALL RIGHTS RESERVED.

This publication contains proprietary information protected by copyright. The software described in this publication is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical or otherwise without the prior written permission of the publisher.

DISCLAIMER

The information in this publication is provided in connection with Quest branded products from Evidian. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this publication. EXCEPT AS OTHERWISE SPECIFIED IN THE END USER LICENSE AGREEMENT FOR THIS PRODUCT, EVIDIAN AND QUEST ASSUME NO LIABILITY WHATSOEVER AND DISCLAIM ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO THIS PRODUCT, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL EVIDIAN OR QUEST BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS PUBLICATION, EVEN IF EVIDIAN OR QUEST HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Evidian and Quest make no representations or warranties with respect to the accuracy or completeness of the contents of this publication and reserve the right to make changes to specifications and product descriptions at any time without notice. Evidian and Quest do not make any commitment to update the information contained in this publication. The information and specifications in this publication are subject to change without notice.

Trademarks

Quest, Quest Software, the Quest Software logo, Aelita, AppAssure, Benchmark Factory, Big Brother, DataFactory, DeployDirector, ERDisk, Foglight, Funnel Web, I/Watch, Imceda, InLook, IntelliProfile, InTrust, IT Dad, I/Watch, JClass, Jint, JProbe, LeccoTech, LiteSpeed, LiveReorg, NBSpool, NetBase, Npulse, PerformaSure, PL/Vision, Quest Central, RAPS, SharePlex, Sitraka, SmartAlarm, Spotlight, SQL LiteSpeed, SQL Navigator, SQL Watch, SQLab, Stat, Stat!, StealthCollect, Tag and Follow, Toad, T.O.A.D., Toad World, Vintela, Virtual DBA, Xaffire, and XRT are trademarks and registered trademarks of Quest Software, Inc. in the United States of America and other countries. The terms Evidian, AccessMaster, SafeKit, OpenMaster, SSOWatch, WiseGuard, Enatel and CertiPass are trademarks registered by Evidian. All other trademarks mentioned in this document are the property of their respective owners.

World Headquarters, 5 Polaris Way, Aliso Viejo, CA 92656 Website: www.quest.com

Please refer to our website for regional and international office information. Quest Enterprise SSO

Contents

1. About This Guide
1.1 Introduction
1.2 Conventions
2. Prerequisites
3. Installation procedure
3.1 Directory installation
3.1.1 Windows XP Professional Edition / Windows 2003 Server
3.1.2 Windows 2003 Server R2
3.1.3 Windows 2008 Server / Windows 2008 Server R2
3.2 Dedicated directory instance setup
3.2.1 Windows XP Professional Edition / Windows 2003 Server / Windows 2003 Server R2
3.2.2 Windows Server 2008 / Windows Server 2008 R2
4. E-SSO configuration
About Quest Software, Inc.
Contacting Quest Software

1. About This Guide

1.1 Introduction

This document describes how to install a replicated directory for E-SSO. This installation is recommended for high availability.

You can install as many replicated directories as needed, and any one of them can be safely uninstalled.

1.2 Conventions

In order to help you get the most out of this guide, we have used specific formatting conventions. These conventions apply to procedures, icons, keystrokes and cross-references.

ELEMENT: CONVENTION

Select: This word refers to actions such as choosing or highlighting various interface elements, such as files and radio buttons.

Bolded text: Interface elements that appear in Quest products, such as menus and commands.

Italic text: Used for comments.

Bold Italic text: Introduces a series of procedures.

Blue text: Indicates a cross-reference. When viewed in Adobe® Acrobat®, this format can be used as a hyperlink.

Used to highlight additional information pertinent to the process being described.

Used to provide Best Practice information. A best practice details the recommended course of action for the best result.

Used to highlight processes that should be performed with care.

+: A plus sign between two keystrokes means that you must press them at the same time.


2. Prerequisites

An E-SSO Controller must be already installed.

The additional server must be a member of the Active Directory on which ESSO is configured.

Supported operating systems are:

• Windows 2008 Server / Windows 2008 Server R2

• Windows 2003 Server R2

• Windows 2003 Server


3. Installation procedure

You must first install the directory software, then set up a new directory instance.

Depending on the operating system, the installation procedure will differ.

3.1 Directory installation

This will enable dedicated directory software components on the server.

3.1.1 Windows XP Professional Edition / Windows 2003 Server

The replicated directory installer is available from the installer (start.hta file).

3.1.2 Windows 2003 Server R2

You must install the “ADAM” Windows component, shipped with the operating system.

1. Log on as a local administrator, click Start, point to Control Panel, and then click Add or Remove Programs.

2. Click Add/Remove Windows Components.

3. Select the check box next to Active Directory Services, and then click Details.

4. Select the check box next to Active Directory Application Mode (ADAM), click OK, and then click Next.

5. The message "You have successfully completed the Windows Component Wizard" should appear.

6. Click Finish.

3.1.3 Windows 2008 Server / Windows 2008 Server R2

You must add the “Active Directory Lightweight Directory Services” role to your server.

1. Click Start, and then click Server Manager.

2. In the console tree, right-click Roles, and then click Add Roles.

3. Review the information on the Before You Begin page of the Add Roles Wizard, and then click Next.

4. On the Select Server Roles page, in the Roles list, select the Active Directory Lightweight Directory Services check box, and then click Next.


3.2 Dedicated directory instance setup

The replicated directory server must now be set up.

When the E-SSO controller was installed, you chose a domain account to be the technical administrator of the dedicated server. This account is needed twice during the replica setup.

3.2.1 Windows XP Professional Edition / Windows 2003 Server / Windows 2003 Server R2

Click Start, point to All Programs, point to ADAM, and then click Create an ADAM instance.

1. On the Welcome to the Active Directory Application Mode Setup Wizard


2. On the Setup Options page, click A replica of an existing instance (as shown in the following), and then click Next.


4. On the Ports page, enter 55000 for LDAP and 55001 for SSL, and then click Next.

5. On the Joining a Configuration Set page, enter the Fully Qualified DNS Name of the previously installed E-SSO Controller (you may also click


6. On the Administrative Credentials for the Configuration Set page, enter the technical administrator account described above, then click Next.

7. On the Copying Application Directory Partitions page, add the O=IAM


8. On the File Locations page, click Next.


10. On the ADAM Administrators page, enter the technical administrator account described above, and then click Next.


12. When the Active Directory Application Mode Setup Wizard finishes, it displays this message: “You have successfully completed the Active Directory Application Mode Setup Wizard.”

3.2.2 Windows Server 2008 / Windows Server 2008 R2


2. On the Welcome to the Active Directory Lightweight Directory Services Setup Wizard page, click Next.

3. On the Setup Options page, click A replica of an existing instance, and


4. On the Instance Name page, enter "ESSOServer", and then click Next.


6. On the Joining a Configuration Set page, in Server, type the full DNS name of the E-SSO controller (you may also click Browse...). Then, type 55000 as the LDAP port and click Next.

7. On the Administrative Credentials for the Configuration Set page, enter


8. On the Copying Application Directory Partitions page, select "O=IAM", then click Next.


10. On the Service Account Selection page, choose Network Service Account, then click Next.

11. On the AD LDS Administrators page, enter the technical administrator account described above, and then click Next.
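
The wizards in sections 3.2.1 and 3.2.2 both leave a replica listening on LDAP port 55000 that should hold the O=IAM partition. The following PowerShell check is an added example, not part of the Quest guide: it reads the RootDSE of the replica and of the controller and confirms that each lists O=IAM in namingContexts. The controller host name is a placeholder, and the script assumes Windows PowerShell with the .NET System.DirectoryServices.Protocols assembly is available on the server.

```powershell
# Added example: post-install check for the replica described above.
# Assumptions: run on the new replica while logged on as the technical
# administrator account; $Controller is a placeholder for your controller.
param(
    [string]$Replica    = 'localhost',
    [string]$Controller = 'esso-controller.example.com',  # placeholder name
    [int]$LdapPort      = 55000,                           # LDAP port entered in the wizard
    [string]$Partition  = 'O=IAM'                          # partition selected for replication
)

Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-NamingContexts {
    param([string]$Server, [int]$Port)
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
    $conn.SessionOptions.ProtocolVersion = 3
    try {
        $conn.Bind()    # binds with the current Windows logon
        # Base-scope search on the empty DN returns the RootDSE entry.
        $req = New-Object System.DirectoryServices.Protocols.SearchRequest
        $req.DistinguishedName = ''
        $req.Filter = '(objectClass=*)'
        $req.Scope  = [System.DirectoryServices.Protocols.SearchScope]::Base
        [void]$req.Attributes.Add('namingContexts')
        $resp = $conn.SendRequest($req)
        $resp.Entries[0].Attributes['namingContexts'].GetValues([string])
    } finally {
        $conn.Dispose()
    }
}

$failed = $false
foreach ($server in @($Replica, $Controller)) {
    try {
        $contexts = Get-NamingContexts -Server $server -Port $LdapPort
        if ($contexts -contains $Partition) {
            "OK   ${server}:$LdapPort lists $Partition"
        } else {
            "FAIL ${server}:$LdapPort answers but does not list $Partition"
            $failed = $true
        }
    } catch {
        "FAIL ${server}:$LdapPort not reachable: $($_.Exception.Message)"
        $failed = $true
    }
}
if ($failed) { exit 1 }
```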


4. E-SSO configuration

Now that your replicated directory is set up, you must configure the E-SSO controller and workstation to use it. This is done using the ESSO configuration tool. Don't forget to specify the 55000 port number, using the format:


About Quest Software, Inc.

Now more than ever, organizations need to work smart and improve efficiency. Quest Software creates and supports smart systems management products—helping our customers solve everyday IT challenges faster and easier. Visit www.quest.com for more information.

Contacting Quest Software

Phone: 949.754.8000 (United States and Canada)

Email: [email protected]

Mail: Quest Software, Inc., World Headquarters, 5 Polaris Way, Aliso Viejo, CA 92656 USA

Web site: www.quest.com

Please refer to our Web site for regional and international office information.

Contacting Quest Support

Quest Support is available to customers who have a trial version of a Quest product or who have purchased a Quest product and have a valid maintenance contract. Quest Support provides unlimited 24x7 access to SupportLink, our self-service portal. Visit SupportLink at http://support.quest.com/

From SupportLink, you can do the following:

• Retrieve thousands of solutions from our online Knowledgebase

• Download the latest releases and service packs

• Create, update and review Support cases
