Password Power 8 Server Installation, Win2003/2008

Password Power 8

Installation and Administrator's Guide

PistolStar, Inc.

www.pistolstar.com • 603.547.1200

Copyright and Disclaimer

PistolStar, Inc. makes no representation or warranties with respect to this manual, except as specifically stated in the
applicable user agreement or warranty notice, with respect to any hardware, firmware, or software described in this
manual. PistolStar, Inc. specifically disclaims any expressed or implied warranties of merchantability, title, or
fitness for a particular purpose. Furthermore, PistolStar, Inc. reserves the right to make revisions or changes to any
and all parts of the manual, hardware, firmware, or software at any time without obligation to notify any person or
entity of the changes.

Copyright 1999 PistolStar, Inc. All rights reserved.
No part of this publication may be reproduced, photocopied, stored in a retrieval system, transmitted, or translated
into any language without the prior written permission of PistolStar, Inc.

Trademarks

Password Power™ is a trademark of PistolStar, Inc.

Microsoft, Windows, Windows XP and Windows Vista are trademarks of Microsoft Corporation in the United
States, other countries, or both.

Intel and Pentium are trademarks of Intel Corporation in the United States, other countries, or both.

Oracle is a trademark of Oracle Corporation in the United States, other countries, or both.

System i, iSeries and AS/400 are trademarks of IBM Corporation in the United States, other countries or both.

iPhone is a trademark of Apple Corporation in the United States, other countries, or both.

Licenses

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/), Apache Xerces and Apache Santuario.

Password Power 8, Installation and User's Guide, Revision AR
Mar 16, 2012

PistolStar, Inc.
P.O. Box 1226
Amherst, NH 03031
603.547.1200

www.pistolstar.com

Contents

1 INTRODUCTION
    ABOUT PISTOLSTAR
2 PASSWORD POWER OVERVIEW
    PRODUCT DESCRIPTION
    NEW FEATURES
        Domino Plug-in SAML Identity Provider
        Domino Plug-in SAML SSO - SP-Initiated POST SSO
        Domino Plug-in SAML SSO - Static Authentication Mapping
        Domino Plug-in SAML SSO - Artifact Binding
        Google Chrome & Mozilla Firefox Web SSO Extensions
        SAML-based Web SSO
        Network Password Self-Recovery Lockout
        Enrollment-based Domino Web SSO
        Domino Plug-in Event Auditing
        Challenge Answer Capture for Verbal Authentication
        SSO to IBM Lotus Quickr Connectors
    SYSTEM REQUIREMENTS
        Client-Side System Requirements
        Server-Side System Requirements
    HOW PASSWORD POWER WORKS
    SINGLE SIGN ON (SSO)
        Lotus Domino HTTP SSO — Kerberos
        Lotus Domino HTTP SSO — SAML
        Lotus Domino HTTP SSO — NTLM
        Lotus Domino HTTP SSO — Enrollment-based SSO Cookies
        Lotus Domino HTTP SSO — SSO Cookies (Client Software Installation)
        Lotus Notes SSO
        SAP Netweaver SSO
        SAP GUI SSO
        IBM Websphere/Websphere Portal SSO
    PASSWORD SELF-RECOVERY
        Network Password Self-Recovery
        Challenge Answer Capture for Verbal Authentication
        Notes ID Password Self-Recovery
    AUTHENTICATION REDIRECTION
        Authentication Redirection for Lotus Notes Client
    PASSWORD SYNCHRONIZATION
    SECURITY FEATURES
3 INSTALLING THE PASSWORD POWER CLIENT
    RUNNING THE CLIENT INSTALLATION WIZARD
    PASSWORD POWER REGISTRY SETTINGS
        System-wide Settings
        User-specific Settings
    MODIFYING SSO.INI
        Servers
        Options
        Expiration
        MailAddress
        UsernameMap
4 INSTALLING THE PASSWORD POWER DOMINO PLUG-IN
    REQUIREMENTS
    INSTALLATION OVERVIEW
    INSTALLATION STEPS — WINDOWS PLATFORM
        Load Balancing Installation Steps
        Running Domino Plug-in Under Specific AD Credentials (Optional)
    INSTALLATION STEPS — AIX, SOLARIS & LINUX PLATFORMS
        Domino Kerberos SSO on AIX, Solaris or Linux Platforms
    INSTALLATION STEPS — ISERIES/AS400 PLATFORM
    CONFIGURING SAML SSO
        Common SAML Configuration
        SAML Identity Provider Configuration
        SAML Service Provider Configuration
    CONFIGURING THE DOMCFG.NSF
        Method 1: Quick and Dirty
        Method 2: In Depth and Permanent
    PASSWORD POWER SERVER NOTES.INI VARIABLES
        Enrollment-based SSO Settings
        Kerberos/NTLM SSO Settings
        Authenticating Against Multiple Active Directory Domains
        Authenticating Against Multiple AD Domains Using Email and AD Password
        Client IP White and Black Lists
5 INSTALLING THE SAP PLUG-IN (OPTIONAL)
    DESCRIPTION
    INSTALLATION OVERVIEW
    INSTALLATION TOOLS
    INSTALLATION STEPS
        Software Deployment Manager
        Visual Administrator
        Create Keystore (Optional)
        Configuring passwordpower.properties
        Restart J2EE server in SAP Netweaver
    UN-INSTALLATION STEPS
6 INSTALLING THE WEBSPHERE PLUG-IN (OPTIONAL)
    REQUIREMENTS
    DESCRIPTION
    INSTALLATION OVERVIEW
    INSTALLATION STEPS
        Create Keystore (Optional)
        Create AD User Principal (Kerberos SSO only)
        Configuring passwordpower.properties
    KNOWN ISSUES
7 INSTALLING THE PORTAL PLUG-IN (OPTIONAL)
    CLIENT REQUIREMENTS
    DESCRIPTION
    INSTALLATION OVERVIEW
    INSTALLATION STEPS
        Copy Files To Portal Server
        Modify the Portal Logon Page
        Interface For Reduced Web Sign-On
        Interface For Lotus Notes SSO
        Install and configure server plug-in(s) (Web RSO only)
        Allow ActiveX controls to run
8 SAP GUI SSO & SYNCHRONIZATION (OPTIONAL)
    PRODUCT DESCRIPTION
        Interface 1: Graphical
        Interface 2: Command Line
    PASSWORD SYNCHRONIZATION
        User Input Persistence
    KNOWN ISSUES
        Account Lockout
        A New Password Not Accepted
        Unauthorized Password Change
9 TROUBLESHOOTING
    ONLINE RESOURCES
    LOCAL RESOURCES
    USING WEB SSO WITH PISTOLSTAR'S WEB SET PASSWORD
    MANUALLY CONFIGURING THE MAIL-IN DATABASE
APPENDIX A — SAP AND WEBSPHERE CONFIGURATION
    CREATE KEYSTORE (OPTIONAL)
    CONFIGURING PASSWORDPOWER.PROPERTIES
        WebSphere Kerberos SSO Implementation
        SAP and Cookie SSO implementation of Websphere plug-in
    ENABLING WEBSPHERE TRACING
APPENDIX B — PORTAL PLUG-IN PARAMETERS
APPENDIX C —
    POTENTIAL WEB BROWSER CHANGES
        Microsoft Internet Explorer
        Mozilla Firefox
    TROUBLESHOOTING
        Utilities
        Server Initialization
        Client Initialization
        Client To Domino Server
        Clock Synchronization
        Configuring Service Principal Name Aliases for Domino
APPENDIX D — DELEGATING RIGHTS IN ACTIVE DIRECTORY