Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen, [email protected].

Upgrading to Novell® SecureLogin 3.5

Rod Tietjen, [email protected]

© March 9, 2004 Novell Inc, Confidential & Proprietary2

one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.

The one Net vision

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

:

:

:

:


The one Net vision

Novell Nsure solutions take identity management to a whole new level. Novell Nsure gives you the power to control access so you can confidently deliver the right resources to the right people — securely, efficiently, and best of all, affordably.

Novell Nsure™

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

:

:

:

:


Agenda

New Protocols Supported

New Features To Plan For During Deployment

• LDAP Client• Java Support• SecureWorkstation• Export/Import Functionality Through XML• Automate.ini For Simplified Installs• Compatabilty And Co-existance With

Previous Versions

Q&A


New Protocols Supported in 3.51

Full Support For LDAP• eDirectory™: Version 8.6.2 or Later• iPlanet Support• More Scalable Then Previous Release

SecretStore Over LDAP• Requires eDirectory Version 8.6.2 Or

Later• Faster Client Access And Performance• No Longer Requires Novell Client32

6

Install Options: General

7

Install Options: eDirectory

8

Install Options: eDirectory

9

Install Options: LDAP

10

Install Options: LDAP

11



New Features To Plan For During Deployment: LDAP Client

As seen in previous slides, may be installed as:• Windows GINA - “When logging into windows”• Credential Manager - “After sucessfully logging into

windows”• Application Level - “When SecureLogin starts”

Dynamic certificate download

Contextless search

*No ConsoleOne administration from LDAP client


New Features To Plan For During Deployment:

Java• Requires Sun JRE 1.4.1 or later to be present before

installing

SecureWorkstation• Installed by default with no policy enabled. • Configurable via NMAS method• See TUT380 for more details


New Features To Plan For During Deployment: Export/Import ability

All admin tools support export/import functionality for:• Application scripts• Admin settings• User settings• Password/Passphrase Policies• User ID's

Supports importing setting from Test environment to production.

15

New Features To Plan For During Deployment: Export/Import ability


New Features To Plan For During Deployment: Automate.ini

InstallShield functionality to allow Administrator to set default choices for the user.

Self-Documented file found on CD at <root>/SecureLogin/Client/Automate.ini

May specify up to 3 servers for LDAP failover


New Features To Plan For During Deployment

Compatability and Co-existance with previous versions:

• Limited support for NSL 2.5x• Full upgrade support for NSL 3.0.4 and later• New schema attributes backwards compatable• NSL 3.51 client defaults to NSL 3.0.x data

format• Ability to upgrade container by container

*Once client data has been upgraded, data format is no longer compatable with NSL 3.0.x


Methodology For Determining Which NSL Data Store Format Is Used

3.0.x data format• 3.51 client installed into an existing

SecureLogin environment with any 3.0x data• Admin setting specifing 3.0 format is

inherited

3.51 data format• Admin setting specifing 3.51 is inherited by

client• New Schema is extended and client does not

inherit any 3.0.x data (For example a fresh install)

19

Administrator options to upgrade deployed 3.51 clients


Known Issues

SecretStore® mode• Windows 98 users may not

experience full functionality• Administration must be done from a

SecretStore client

NMAS™ issues• AAVerify not supported on LDAP

mode• NMAS server 2.2 or later is required

for NMAS methods included


Known Issues

Uninstall• NMAS installed by NSL is not uninstalled• NICI installed by NSL is not uninstalled

Active Directory• ?sysuser and ?syspassword not

supported on ADInstall

• Install requires the user to be a member of the Administrators group on WinNT/Win2k/WinXP

*See readme.txt for other issues and possible workarounds


For more information

Other BrainShare 2004 sessionsDHO263 Developing for Novell Nsure SecureLogin

DL150 Novell SecureLogin Scripting for Web, Windows, Java Applications and Terminal Emulators

IO152 Introduction to Novell SecureLogin 3.5

TUT361 Implementing Complete Hospital Access Solutions with Novell SecureLogin

TUT362 Novell SecureLogin Advanced Configuration

TUT380 Implementing Strong Authentication to any Application Using SecureLogin and NMAS



For more information on Novell SecureLogin, please visit: www.novell.com/products/securelogin•Customer success stories•Evaluation version•Brochure, Flyer, White Paper•ROI Tool•News & Reviews



Visit the following technology demonstrations in the one Net solutions lab:

• Novell DirXML • Novell Nsure Resources• Novell iChain• Novell SecureLogin• Novell Account Management• Novell BorderManager• Novell Auditing Technologies• Liberty identity provider for Novell eDirectory• Novell Nsure program table

Question and Answer

26


General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen, [email protected].

Documents

Transcript of Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen, [email protected].