Next:
PRE-INSTALLATION GUIDE
Up:
P-Synch Technical Documentation
Previous:
P-Synch Technical Documentation
Index
Contents
1. Introduction
2. Functional modules
2.1 Password synchronization
2.1.1 Using a web browser
2.1.2 Transparent synchronization
2.2 Self-service password reset
2.2.1 User interfaces
2.2.2 Authentication systems
2.3 Help desk password reset
2.4 Self-service profile management
2.4.1 Question and answer profiles
2.4.2 Alternate Login ID (alias) profiles
2.5 Expiry detection and early warning
2.6 Self-service SecurID token management
2.7 Front-end authentication
3. Design choices
3.1 Key staff
3.2 Functionality
3.2.1 Password strength policy
3.2.2 Alternate Login IDs
3.2.3 Authentication navigation
3.2.4 Help desk password reset
3.2.5 Self-service password reset
3.2.6 User attribute changes / CGI plugins
3.2.7 Interface customization
3.2.8 Password synchronization
3.2.9 Aggregated password change facility
3.2.10 Password expiry early warning system
3.2.11 SecurID/ACE token management
3.3 Target systems
3.4 Sub-host plugin
3.5 P-Synch servers
3.6 Network connectivity
3.7 Training
4. Planning for deployment
5. Pre-installation checklist
5.1 Preparing a P-Synch server
5.2 Target system information
5.3 Accounts on target systems
5.4 Transparent synchronization
6. Multiple servers
7. Installation overview
8. The P-Synch software archive
9. Installing the software
9.1 Where to install P-Synch software
9.2 Installing software components on Windows NT/2000 servers
9.3 Preparing the master P-Synch server
9.4 Preparing a slave P-Synch server
9.5 Preparing a P-Synch proxy server
9.6 Preparing a Windows NT/2000 RSA SecurID/ACE server
9.7 Preparing a OTG HelpYourself SecurePBX server
9.8 Preparing a Windows NT/2000 domain controller
9.9 Running the setup program
9.10 Adding alternate instances
9.10.1 Upgrading alternate instances
9.11 Configuration
10. Configuring P-Synch
10.1 Adding target systems
10.1.1 Installing the Unix agent
10.1.2 Configuring P-Synch for 0S/390 and MVS mainframes
10.2 Target systems composed of multiple servers
10.3 Adding help-desk users
10.3.1 Defining help desk user accounts
10.3.2 Authorizing a Windows NT/2000 domain users group
10.4 Adding end users
10.5 Removing users and login IDs
10.6 Extending functionality
10.7 Modifying program behavior
10.7.1 Setting inactivity timeout period for a session
10.7.2 Allowing users to select accounts
10.7.3 Selecting every account by default
10.8 Defining authentication procedures
10.8.1 Choosing an authentication navigation procedure
10.8.2 Configuring front-end authentication
10.8.3 Adding a login ID entry field to authentication pages
10.9 Choosing authentication methods
10.9.1 Setting authentication methods
10.9.2 Password authentication
10.9.3 P-Synch question and answer authentication
10.9.4 SecurID authentication
10.9.5 RADIUS authentication
10.9.6 LDAP directories password authentication
10.9.7 LDAP directories question and answer authentication
10.9.8 Other authentication
10.10 Defining Q&A sets
10.10.1 Adding question sets
10.10.2 Defining external question sets
10.10.3 Modifying question sets
10.10.4 Deleting question sets
10.10.5 Adding questions to pre-defined question sets
10.10.6 Modifying pre-defined question definitions
10.10.7 Deleting pre-defined questions
10.11 Password synchronization with a browser
10.12 Self-service password resets with a browser
10.13 Self-service Q&A profile builder
10.13.1 Configuring the self-service Q&A profile builder
10.14 Self-service alternate login ID profile builder
10.14.1 Allowing/disallowing deletion on individual targets
10.15 Self-service SecurID token management
10.15.1 Installing PSACE on a Windows NT ACE server
10.15.2 Installing PSACE on a Unix ACE server
10.15.3 Add ACE servers as target systems
10.15.4 Configure the web interface
10.16 Transparent synchronization
10.16.1 Installing the P-Synch synchronization service
10.16.2 Windows NT trigger
10.16.3 Windows 2000 trigger
10.16.4 Unix trigger
10.16.5 Unix with NIS or NIS+
10.16.6 Netscape (iPlanet) LDAP trigger
10.16.7 MVS / OS390 trigger with P-Synch/390
10.16.8 Registering users
10.17 Enabling password aging on Windows NT domains
10.18 Adding expiry detection / warning
10.18.1 Create an expiry HTML page
10.18.2 Activate the expiry service
10.18.3 Install the expiry client
10.19 Adding password strength rules
10.19.1 Adding new rules with a plugin program
10.19.2 Adding new rules using regular expressions
10.20 Checking user compliance
10.20.1 Configuring actions for compliance failure
10.20.2 Scheduling compliance checks
10.20.3 Writing the general purpose user list file
10.20.4 Writing a deployment language/e-mail plugin
10.20.5 Writing an action plugin
10.21 Simplifying Windows 9x passwords
10.21.1 Background
10.21.2 Security
10.21.3 Simplified password management
10.21.4 Issues
10.21.5 Deployment
10.22 Self-service password reset from login prompt
10.22.1 Windows 95/98/ME workstations on Windows NT domains
10.22.2 Windows NT/2000 Professional workstations on a Windows NT domains
10.22.3 Windows 2000 Active Directory
10.22.4 Novell NetWare NDS
10.22.5 Setting up a HELP dial-in account
10.22.6 Advertising the help account
10.23 Interfacing with help desk call management systems
10.24 Interfacing with e-mail systems
10.25 Meta directory interface
10.26 Interfacing with interactive voice response systems
10.26.1 IVR with strong caller authentication
10.26.2 Other IVR systems
10.26.3 Architecture
10.27 Configuring mirrored P-Synch servers
10.28 Securing connections with a P-Synch proxy
10.28.1 Installing the proxy server
10.28.2 Configuring P-Synch to use the proxy server
11. Using the help desk administration module
11.1 Using P-Synch user search pages
12. Using the self-service modules
12.1 Accessing end user modules via front-end authentication
12.2 Accessing P-Synch end user modules without front-end authentication
13. Running reports
14. Synchronizing passwords with a browser
15. Using transparent synchronization
16. Resetting passwords with a browser
17. Resetting user passwords from the help desk
18. Reactivating locked-out users
19. Updating Q&A profiles
19.1 Updating a user's Q&A profile from the help desk
19.2 Using the self-service Q&A profile builder
20. Adding non-standard accounts to user profiles
20.1 Using the self-service alternate login ID profile builder
20.1.1 Adding alternate login IDs in simplified mode
20.1.2 Adding alternate login IDs in classic mode
20.2 Using the help desk alternate login ID profile builder
20.3 Managing alternate login IDs on context targets
21. Managing SecurID tokens
21.1 Enabling (activating) a new token
21.2 Disabling a lost or stolen token
21.3 Getting emergency access codes for temporary use
21.4 Clearing emergency access mode
21.5 Setting a new PIN
21.6 Resynchronizing a token with the ACE server
22. Deployment strategy
22.1 Activating features
22.2 Activating target systems
22.3 Synchronizing passwords
22.4 Training support staff
22.5 Notifying users
22.5.1 Registration for transparent synchronization
22.5.2 Educating users about self-service password resets
22.6 Collecting profile information
22.7 Phased deployment
23. Task list
24. Monitoring servers
24.1 Monitoring transparent synchronization on Windows servers
25. Promoting and demoting servers
25.1 Promoting a slave server
25.2 Demoting the master server
26. Target platforms
26.1 Banyan Vines
26.1.1 Pre-installation
26.1.2 Adding the server to P-Synch
26.1.3 Testing
26.1.4 Troubleshooting
26.2 Clarify ClearHelpDesk
26.3 DB2
26.3.1 Background
26.3.2 Pre-installation
26.3.3 Adding the server to P-Synch
26.3.4 Testing
26.3.5 Troubleshooting
26.4 Exchange
26.5 Informix
26.5.1 Background
26.5.2 Pre-installation
26.5.3 Adding the server to P-Synch
26.5.4 Testing
26.5.5 Troubleshooting
26.6 LDAP directories
26.6.1 Pre-installation
26.6.2 Adding the server to P-Synch
26.6.3 Writing the attribute script file
26.6.4 Testing
26.6.5 Troubleshooting
26.7 Lotus Domino / HTTP
26.7.1 Overview
26.7.2 Pre-installation
26.7.3 Adding the server to P-Synch
26.7.4 Testing
26.7.5 Troubleshooting
26.8 Lotus Notes
26.8.1 Overview
26.8.2 Pre-installation
26.8.3 Creating an ID file repository
26.8.4 Adding the Lotus Notes ID file target to P-Synch
26.8.5 Configure P-Synch batch files
26.8.6 Creating or modifying network login scripts
26.8.7 Testing
26.8.8 Troubleshooting
26.9 Lotus cc:Mail
26.9.1 Pre-installation
26.9.2 Adding the server to P-Synch
26.9.3 Testing
26.9.4 Troubleshooting
26.10 Microsoft Outlook
26.10.1 Removing password protection from mail folders
26.10.2 Removing cached passwords from mail servers
26.11 NIS
26.12 NIS+
26.13 NetWare NDS
26.13.1 Pre-installation
26.13.2 Adding the server to P-Synch
26.13.3 Testing
26.13.4 Troubleshooting
26.14 NetWare bindery
26.14.1 Pre-installation
26.14.2 Adding the server to P-Synch
26.14.3 Testing
26.14.4 Troubleshooting
26.15 Novell GroupWise
26.15.1 Pre-installation
26.15.2 Adding the server to P-Synch
26.15.3 Testing
26.15.4 Troubleshooting
26.16 OpenMail
26.17 OS390
26.18 OS390 with scripts
26.18.1 Overview
26.18.2 Pre-installation
26.18.3 Adding the server to P-Synch
26.18.4 Testing
26.18.5 Troubleshooting
26.19 OS400
26.19.1 Pre-installation
26.19.2 Adding the server to P-Synch
26.19.3 Testing
26.19.4 Troubleshooting
26.19.5 Sample script for managing AS400 systems using the Telnet agent
26.20 Oracle
26.20.1 Pre-installation
26.20.2 Adding the server to P-Synch
26.20.3 Testing
26.20.4 Troubleshooting
26.21 PeopleSoft
26.21.1 Authentication process and security
26.21.2 P-Synch password management
26.21.3 Implementation
26.22 P-Synch/390
26.22.1 Overview
26.22.2 Pre-installation
26.22.3 Adding the server to P-Synch
26.22.4 Testing
26.22.5 Troubleshooting
26.23 Remedy
26.23.1 Pre-installation
26.23.2 Installation
26.23.3 Testing
26.23.4 Troubleshooting
26.24 Routers
26.25 SAP
26.25.1 Pre-requisites
26.25.2 Underlying technology
26.25.3 Implications for SAP technical support
26.25.4 Adding SAP target systems to P-Synch
26.26 SQL Server
26.26.1 Pre-installation
26.26.2 Adding the server to P-Synch
26.26.3 Testing
26.26.4 Troubleshooting
26.27 SecurID/ACE
26.27.1 Pre-installation
26.27.2 Adding the server to P-Synch
26.27.3 Testing
26.27.4 Troubleshooting
26.28 Siebel eBiz
26.29 Sybase
26.29.1 Pre-installation
26.29.2 Adding the server to P-Synch
26.29.3 Testing
26.29.4 Troubleshooting
26.30 Telnet agent
26.30.1 Pre-installation
26.30.2 Adding the server to P-Synch
26.30.3 Testing
26.30.4 Troubleshooting
26.31 Unix
26.31.1 Pre-installation
26.31.2 Installing the Unix agent
26.31.3 Adding the server to P-Synch
26.31.4 Testing
26.31.5 Troubleshooting
26.32 VM/ESA
26.33 VMS
26.34 Web applications
26.35 Windows 2000
26.35.1 Pre-installation
26.35.2 Adding the server to P-Synch
26.35.3 Testing
26.35.4 Troubleshooting
26.36 Windows NT
26.36.1 Pre-installation
26.36.2 Adding the server to P-Synch
26.36.3 Testing
26.36.4 Troubleshooting
27. Utility programs
27.1 acctcopy
27.2 addnid
27.3 addntusers
27.4 admchgpw
27.5 adm_set
27.6 aliasconv
27.7 builddb
27.8 buildres
27.9 cgiq
27.10 chgntpass
27.11 comparez
27.12 compntldap
27.13 conv4to6
27.14 conv5to6
27.15 createdb
27.16 ctrlalt.dll
27.17 dbop
27.18 dbmerge
27.19 dcdisc
27.20 dcdiscovery
27.21 deploychk
27.22 dnstest
27.23 doscmd
27.24 dumpdb
27.25 duphost
27.26 expclien
27.27 expnt
27.28 exp2k
27.29 filelock
27.30 filetransfer
27.31 hostcopy
27.32 host_set
27.33 instdll
27.34 listbind
27.35 listccm
27.36 listdb2
27.37 listdmn
27.38 listgrpw
27.39 listifx
27.40 listldap
27.41 listnid
27.42 listnt
27.43 listnds
27.44 listora
27.45 listsap
27.46 listsql
27.47 listsyb
27.48 listunix
27.49 listw2k
27.50 lmalias
27.51 loadstat
27.52 logoff
27.53 makeuser
27.54 mailto
27.55 mergelst
27.56 mkexplst
27.57 mlmailto
27.58 ndsunlock
27.59 ntcheck
27.60 ntesched
27.61 ntexpire
27.62 ntlkexpa
27.63 ntrename
27.64 pscp
27.65 pscopypr
27.66 psdebug
27.67 psmaster
27.68 psnotify
27.69 psusage
27.70 regkey
27.71 regquery
27.72 regutil
27.73 remove
27.74 rmuser
27.75 rotatelog
27.76 runurl
27.77 runurl.vxd
27.78 saferun
27.79 sessrep
27.80 showtemp
27.81 striptxt
27.82 tcopy
27.83 telntcmd
27.84 testps
27.85 today
27.86 urlget
27.87 usercopy
27.88 w2kcheck
27.89 w2klkexpa
27.90 w2kranddc
27.91 wincsub
27.92 winproxy
28. Service programs
28.1 Installing a service program
28.2 expdaemon
28.3 psace
28.4 psgossip
28.5 pslogservice
28.6 psppmon
28.7 psproxy
28.8 psslave
28.9 psscheduler
28.10 pushpass
29. Nightly automation
30. Notification interface language
30.1 Interface architecture
30.2 Example interface
30.2.1 Business requirement
30.2.2 Interface details
30.3 Implementing business logic
30.3.1 Setting exit traps
30.3.2 Script files
30.4 System variables that can trigger notification
30.5 Script syntax
30.5.1 Comments
30.5.2 Global definitions
30.5.3 Function list
30.5.4 Operation list
30.5.5 Defining new sections (code blocks)
30.5.6 Statements
30.5.7 Expressions
30.6 Mail Notification
30.7 Specific help desk systems
30.7.1 Clarify
30.7.2 GoldMine HEAT
30.7.3 HTTP servers
30.7.4 Null System
30.7.5 Open Database Connection (ODBC)
30.7.6 Peregrine ServiceCenter 3.x
30.7.7 Remedy Action Request System
30.7.8 SupportSoft
30.8 Troubleshooting
30.8.1 Is the help desk system or database running?
30.8.2 Can the interface program run?
30.8.3 Is the interface program setup correctly?
30.8.4 Are records being updated correctly?
30.8.5 Are new records being created?
30.8.6 Mail messages are not sent correctly.
31. External authentication programs
31.1 RSA SecurID/ACE
31.2 Radius
31.3 LDAP directories
31.3.1 Password validation with valildap
31.3.2 Q&A Authentication with ldapqa
31.4 Writing authentication programs
31.4.1 Data supplied to the program
31.4.2 Requesting questions
31.4.3 Requesting questions and answers
31.4.4 Validating answers
31.4.5 Editing questions and answers
32. Customizing the user interface
32.1 About the P-Synch GUI files
32.2 Using the m4 macro system
32.3 Editing the P-Synch GUI files
32.3.1 Applying alternate style sheets
32.3.2 Adding multi-language tags
32.3.3 Modifying multi-language text macros
32.3.4 Adding a language
32.3.5 Modifying web page design
32.3.6 Moving custom attribute fields
32.4 Changing the display of the date and time
33. Default passwords
34. Writing CGI plugin programs
34.1 Sequence of events
34.2 Input to the plugin
34.3 Output from the plugin
34.4 Tag definitions
35. Writing sub-host plugin programs
36. Scripts for telnet, TN3270, HTTP and HTTPS servers
36.1 Pre-installation
36.2 Writing a script
36.3 Script files
36.3.1 Functions
36.3.2 Comments
36.3.3 Key and function key representation in script files
36.3.4 read statement
36.3.5 extract statement
36.3.6 discard statement
36.3.7 if statement
36.3.8 loop statement
36.3.9 goto statement
36.3.10 write statement
36.3.11 write_3270 statement
36.3.12 http_get statement
36.3.13 http_post statement
36.3.14 ssl statement
36.3.15 basicauth statement
36.3.16 reopen statement
36.3.17 new_host statement
36.3.18 sleep statement
36.3.19 hangup statement
36.4 Testing scripts
36.5 Troubleshooting
37. Database applications
37.1 Work flow
37.2 Script syntax
37.3 Example scripts
38. Writing Win32 console scripts
38.1 Workflow
38.2 Script files
38.2.1 run statement
38.2.2 if statement
38.2.3 loop statement
38.2.4 goto statement
38.2.5 echoto statement
38.2.6 unlink statement
38.3 Example scripts
39. Unix agent
39.1 Starting the agent
39.2 Chat scripts
39.3 Script syntax
39.3.1 Write statements
39.3.2 Read statements
39.3.3 File statements
39.4 Testing scripts
40. Regular expressions
41. P-Synch Operation Codes
42. Error code listings
42.1 Novell IntraNetWare error codes
43. Credits
43.1 Regular expression parser
43.2 SSL library
43.3 Dictionary
43.4 zlib library
Index
P-Synch®
is a password management solution developed by
M-Tech
.
Note:
This document is intentionally obsolete to limit the release of proprietary information to competitors. For full and current documentation
contact your sales representative
|
©2004 M-Tech Information Technology, Inc.
|
Privacy policy
|