Manuals database logo
manualsdatabase
Your AI-powered manual search engine

Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION manuals

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION first page preview

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Brand: Novell | Category: Software
Table of contents
ACCESS MANAGER 3.1 SP1 - ADMINISTRATION first page preview

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Brand: Novell | Category: Software
Table of contents
  1. legal notices
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. About This Guide
  7. additional documentation
  8. Administration Console
  9. Configuration Store
  10. Administration Console Conventions
  11. Changing the Administration Console Session Timeout
  12. Multiple Administrators, Multiple Sessions
  13. Managing Delegated Administrators
  14. Enabling Auditing
  15. Configuring Access Manager for Novell Auditing
  16. Querying Data and Generating Reports in Novell Audit
  17. Backing Up and Restoring Components
  18. Backing Up the Administration Console
  19. Restoring an Administration Console Configuration
  20. Traditional SSL VPN Server
  21. Restoring the Configuration with an Identity Server on the Same Machine
  22. Restoring the Configuration with an ESP-Enabled SSL VPN Server
  23. Restoring an Identity Server
  24. Single Access Gateway
  25. Running the Diagnostic Configuration Export
  26. Security and Certificate Management
  27. Process Flow
  28. Access Manager Trust Stores
  29. Access Manager Keystores
  30. Managing Certificates
  31. Managing Certificates and Keystores
  32. Managing Trusted Roots and Trust Stores
  33. Security Considerations for Certificates
  34. Importing a Trusted Root to the LDAP User Store
  35. Replacing Identity Server SSL Certificates
  36. Assigning Certificates to an Access Gateway
  37. Assigning Certificates to J2EE Agents
  38. Changing a Non-Secure (HTTP) Environment to a Secure (HTTPS) Environment
  39. Reviewing the Command Status for Certificates
  40. Access Manager Logging
  41. HTTP Transaction Logging for Proxy Services
  42. Using the Log Files for Troubleshooting
  43. Sample Authentication Traces
  44. Changing the IP Address of Access Manager Devices
  45. Changing the IP Address of the Access Gateway Appliance
  46. Changing the IP Address of an Audit Server
  47. Troubleshooting the Administration Console
  48. Logging
  49. Event Codes
  50. Converting a Secondary Console into a Primary Console
  51. Shutting Down the Administration Console
  52. Restoring CA Certificates
  53. Performing Component-Specific Procedures
  54. Enabling Backup on the New Primary Administration Console
  55. Orphaned Objects in the Trust/Configuration Store
  56. Repairing the Configuration Datastore
  57. Linux) Exception Processing IdentityService_ServerPage.JSP
  58. A Certificates Terminology
  59. B.1 Resolving Certificate Import Issues
  60. Trusted Root
  61. B.2 Mutual SSL with X.509 Produces Untrusted Chain Messages
  62. B.5 When a User Accesses a Resource, the Browser Displays Certificate Errors
  63. C.1 Modifying a Configuration That References a Removed Object
  64. C.2 Configuration UI Writes Incorrect Information to the Local Configuration Store
  65. D.1 NIDS: Sent a Federate Request (002e0001)
  66. D.2 NIDS: Received a Federate Request (002e0002)
  67. D.4 NIDS: Received a Defederate Request (002e0004)
  68. D.6 NIDS: Received a Register Name Request (002e0006)
  69. D.8 NIDS: Logged out a Local Authentication (002e0008)
  70. D.10 NIDS: User Session Was Authenticated (002e000a)
  71. D.11 NIDS: Failed to Provide an Authentication to a Remote Consumer (002e000b)
  72. D.13 NIDS: Received an Attribute Query Request (002e000d)
  73. D.15 NIDS: Failed to Provision a User Account (002e000f)
  74. D.16 NIDS: Web Service Query (002e0010)
  75. D.18 NIDS: Connection to User Store Replica Lost (002e0012)
  76. D.19 NIDS: Connection to User Store Replica Reestablished (002e0013)
  77. D.21 NIDS: Server Stopped (002e0015)
  78. D.23 NIDS: Intruder Lockout (002e0017)
  79. D.25 NIDS: Warning Component Log Entry (002e0019)
  80. D.27 Access Gateway: PEP Configured (002e0301)
  81. D.29 J2EE Agent: JACC Authorization PEP Configured (002e0306)
  82. D.30 Roles Assignment Policy Evaluation (002e0320)
  83. D.32 Access Gateway: Form Fill Policy Evaluation (002e0322)
  84. D.34 J2EE Agent: Web Service Authorization Policy Evaluation (002e0324)
  85. D.36 J2EE Agent: Startup (002e0401)
  86. D.38 J2EE Agent: Reconfigure (002e0403)
  87. D.40 J2EE Agent: Authentication Failed (002e0405)
  88. D.41 J2EE Agent: Web Resource Access Allowed (002e0406)
  89. D.43 J2EE Agent: Clear Text Access Denied (002e0408)
  90. D.45 J2EE Agent: EJB Access Allowed (002e040a)
  91. D.46 J2EE Agent: EJB Access Denied (002e040b)
  92. D.48 Access Gateway: URL Not Found (0x002e0508)
  93. D.49 Access Gateway: System Started (0x002e0509)
  94. D.51 Access Gateway: Identity Injection Parameters (0x002e050c)
  95. D.52 Access Gateway: Identity Injection Failed (0x002e050d)
  96. D.54 Access Gateway: Form Fill Authentication Failed (0x002e050f)
  97. D.55 Access Gateway: URL Accessed (0x002e0512)
  98. D.56 Access Gateway: IP Access Attempted (0x002e0513)
  99. D.58 Access Gateway: All WebServers for a Service is Down (0x002e0516)
  100. D.59 Management Communication Channel: Health Change (0x002e0601)
  101. D.61 Management Communication Channel: Device Deleted (0x002e0603)
  102. D.62 Management Communication Channel: Device Configuration Changed (0x002e0604)
ACCESS MANAGER 3.1 SP1 - ADMINISTRATION first page preview

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Brand: Novell | Category: Gateway
Table of contents
  1. legal notices
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. About This Guide
  7. additional documentation
  8. Configuring the Access Gateway to Protect Web Resources
  9. Creating a Reverse Proxy and Proxy Service
  10. Configuring a Proxy Service
  11. Configuring the Web Servers of a Proxy Service
  12. Configuring Protected Resources
  13. Setting Up a Protected Resource
  14. Understanding URL Path Matching
  15. Modifying Authentication Procedures
  16. Assigning an Authorization Policy to a Protected Resource
  17. Assigning an Identity Injection Policy to a Protected Resource
  18. Assigning a Form Fill Policy to a Protected Resource
  19. Assigning a Policy to Multiple Protected Resources
  20. Configuring Protected Resources for Specific Applications
  21. Configuring a Protected Resource for a SharePoint Server with an ADFS Server
  22. Configuring a Protected Resource for Outlook Web Access
  23. Configuring a Protected Resource for a Novell Teaming 2.0 Server
  24. Configuring HTML Rewriting
  25. Understanding the Rewriting Process
  26. Specifying the DNS Names to Rewrite
  27. Defining the Requirements for the Rewriter Profile
  28. Configuring the HTML Rewriter and Profile
  29. Disabling the Rewriter
  30. Configuring Connection and Session Limits
  31. Configuring TCP Connect Options for Web Servers
  32. Configuring Connection and Session Persistence
  33. Configuring the Access Gateway for SSL
  34. Prerequisites for SSL
  35. Configuring SSL Communication with the Browsers and the Identity Server
  36. Configuring SSL between the Proxy Service and the Web Servers
  37. Enabling Secure Cookies
  38. Securing the Proxy Session Cookie
  39. Managing Access Gateway Certificates
  40. Server Configuration Settings
  41. Saving, Applying, or Canceling Configuration Changes
  42. Starting and Stopping the Access Gateway
  43. Updating the Access Gateway
  44. Starting the Access Gateway Service Provider
  45. Stopping the Access Gateway Appliance
  46. Changing the Name of an Access Gateway and Modifying Other Server Details
  47. Setting the Date and Time
  48. Customizing Error Pages on the Gateway Appliance
  49. Customizing the Error Pages by Using the Default Template
  50. Customizing and Localizing Error Messages
  51. Configuring Network Settings
  52. Viewing and Modifying Gateway Settings
  53. Viewing and Modifying DNS Settings
  54. Configuring Hosts
  55. Adding New Network Interfaces to the Gateway Appliance
  56. Customizing Logout Requests
  57. Configuring X-Forwarded-For Headers
  58. Exporting the Configuration
  59. Importing the Configuration
  60. Cleaning Up and Verifying the Configuration
  61. Access Gateway Maintenance
  62. Interpreting Log Messages
  63. Configuring Logging of SOAP Messages and HTTP Headers
  64. Configuring Proxy Service Logging
  65. Calculating Rollover Requirements
  66. Enabling Logging
  67. Configuring Common Log Options
  68. Configuring Extended Log Options
  69. Configuring the Size of the Log Partition
  70. Viewing Cluster Statistics
  71. Monitoring Access Gateway Alerts
  72. Configuring Access Gateway Alerts
  73. Enabling Access Gateway Audit Events
  74. Managing Server Health
  75. Monitoring the Health of an Access Gateway
  76. Viewing the Health of an Access Gateway Cluster
  77. Viewing the Command Status of the Access Gateway
  78. Viewing Detailed Command Information
  79. Configuring the Content Settings
  80. Controlling Browser Caching
  81. Configuring Custom Cache Control Headers
  82. Understanding How Custom Cache Control Headers Work
  83. Enabling Custom Cache Control Headers
  84. Configuring a Pin List
  85. URL Mask
  86. Pin Type
  87. Purging Cached Content
  88. Protecting Multiple Resources
  89. Setting Up a Group of Web Servers
  90. Using Multi-Homing to Access Multiple Resources
  91. Path-Based Multi-Homing
  92. Virtual Multi-Homing
  93. Creating a Second Proxy Service
  94. Configuring a Path-Based Multi-Homing Proxy Service
  95. Managing Multiple Reverse Proxies
  96. Changing the Authentication Proxy Service
  97. Managing a Cluster of Access Gateways
  98. Managing the Servers in the Cluster
  99. Changing the Primary Cluster Server
  100. Troubleshooting the Linux Access Gateway
  101. Useful Tools
  102. The Linux Access Gateway Console
  103. Viewing Configuration Information
  104. Useful Files for Troubleshooting the Access Gateway Appliance
  105. Using Touch Files
  106. Protected Resource Issues
  107. Troubleshooting HTTP 1.1 and GZIP
  108. Protected Resources Referencing Non-Existent Policies
  109. Gateway
  110. Recovering from a Hardware Failure on an Access Gateway Machine
  111. COS Related Issues
  112. Memory Issues
  113. Rewriter Issues
  114. Reading Configuration Files
  115. Additional DNS Name Without a Scheme Is Not Rewritten
  116. The Access Gateway Hangs When the Audit Server Comes Back Online
  117. Troubleshooting a Failed Linux Access Gateway Configuration
  118. Linux Access Gateway Not Responding
  119. Connection and Authentication Issues
  120. Authentication Issues
  121. Form Fill Issues
  122. Form Fill Error Messages
  123. Authorization and Identity Injection Issues
  124. Identity Injection Failures
ACCESS MANAGER 3.1 SP1 - ADMINISTRATION first page preview

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Brand: Novell | Category: Software
Table of contents
  1. legal notices
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. Table Of Contents
  7. About This Guide
  8. additional documentation
  9. Configuring an Identity Server
  10. Creating a Cluster Configuration
  11. Assigning an Identity Server to a Cluster Configuration
  12. Removing a Server from a Cluster Configuration
  13. Managing a Cluster with Multiple Identity Servers
  14. Enabling and Disabling Protocols
  15. Customizing Identity Server Messages
  16. Customizing the Branding of the Error
  17. Customizing Tooltip Text for Authentication Contracts
  18. Customizing the Identity Server Login
  19. Selecting the Login Page and Modifying It
  20. Configuring the Identity Server to Use Custom Login
  21. Troubleshooting Tips for Custom Login
  22. Customizing the Identity Server Logout
  23. Enabling Role-Based Access Control
  24. Server
  25. Configuring the Identity Server for netHSM
  26. Configuring Secure Communication on the Identity Server
  27. Viewing the Services That Use the Signing Key Pair
  28. Viewing Services That Use the Encryption Key Pair
  29. Security Considerations
  30. Authentication Contracts
  31. Configuring Local Authentication
  32. Configuring Identity User Stores
  33. Configuring the User Store
  34. Configuring an Admin User for the User Store
  35. Creating Authentication Classes
  36. Specifying Common Class Properties
  37. Configuring Authentication Methods
  38. Configuring Authentication Contracts
  39. Using a Password Expiration Service
  40. URL Parameters
  41. Grace Logins
  42. Managing Direct Access to the Identity Server
  43. Logging In to the User Portal
  44. Specifying a Target
  45. Configuring Advanced Local Authentication Procedures
  46. Configuring Mutual SSL (X.509) Authentication
  47. Setting Up Mutual SSL Authentication
  48. Configuring for Kerberos Authentication
  49. Prerequisites
  50. Configuring Active Directory
  51. Configuring the Identity Server
  52. Configuring the Clients
  53. Configuring the Access Gateway for Kerberos Authentication
  54. Configuring Access Manager for NESCM
  55. Creating a Contract for the Smart Card
  56. Assigning the NESCM Contract to a Protected Resource
  57. Troubleshooting
  58. Defining Shared Settings
  59. Editing Attribute Sets
  60. Configuring User Matching Expressions
  61. Adding Custom Attributes
  62. Creating LDAP Attribute Names
  63. Adding Authentication Card Images
  64. Configuring SAML and Liberty Trusted Providers
  65. Embedded Service Providers
  66. High-Level Steps
  67. Configuring General Provider Options
  68. Configuring the General Identity Consumer Options
  69. Modifying a Trusted Provider
  70. Using the Intersite Transfer Service
  71. Selecting Attributes for a Trusted Provider
  72. Managing Metadata
  73. Configuring an Authentication Request for an Identity Provider
  74. Configuring an Authentication Response for a Service Provider
  75. Managing the Authentication Card of an Identity Provider
  76. Configuring CardSpace
  77. Prerequisites for CardSpace
  78. Enabling High Encryption
  79. Authenticating with a Personal Card
  80. Authenticating with a Managed Card
  81. Creating and Installing a Managed Card
  82. Configuring the Relying Party to Trust an Identity Provider
  83. Logging In with the Managed Card
  84. Authenticating with a Managed Card Backed by a Personal Card
  85. Configuring the Identity Server as a Relying Party
  86. Defining a Trusted Provider
  87. Cleaning Up Identities
  88. Configuring STS
  89. Creating a Managed Card Template
  90. Using CardSpace Cards for Authentication to Access Gateway Protected Resources
  91. Configuring WS Federation
  92. Configuring the ADFS Server
  93. Logging In
  94. Configuring the ADFS Server to Be an Identity Provider
  95. Additional WS Federation Configuration Options
  96. Modifying the User Identification Method
  97. Managing the Metadata
  98. Modifying the Authentication Card
  99. Modifying the Authentication Response
  100. Configuring User Identification Methods for Federation
  101. Selecting a User Identification Method for SAML 1.1
  102. Configuring the Attribute Matching Method
  103. Defining the User Provisioning Method
  104. User Provisioning Error Messages
  105. Configuring Communication Profiles
  106. Configuring a SAML 1.1 Profile
  107. Configuring Liberty Web Services
  108. Configuring the Web Services Framework
  109. Editing Web Service Descriptions
  110. Configuring Credential Profile Security and Display Settings
  111. Configuring Service and Profile Details
  112. Customizing Attribute Names
  113. Configuring the Web Service Consumer
  114. Mapping LDAP and Liberty Attributes
  115. Configuring One-to-One Attribute Maps
  116. Configuring Employee Type Attribute Maps
  117. Configuring Employee Status Attribute Maps
  118. Configuring Postal Address Attribute Maps
  119. Configuring Contact Method Attribute Maps
  120. Configuring Gender Attribute Maps
  121. Configuring Marital Status Attribute Maps
  122. Maintaining an Identity Server
  123. Updating an Identity Server Configuration
  124. Restarting the Identity Server
  125. Editing Server Details
  126. Managing Log File Size
  127. Configuring Session-Based Logging
  128. Creating the Logging Session Class, Method, and Contract
  129. Enabling Basic Logging
  130. Monitoring the Health of an Identity Server
  131. Monitoring Identity Server Statistics
  132. Application
  133. Incoming HTTP Requests
  134. Outgoing HTTP Requests
  135. SAML 1.1
  136. Clustering
  137. LDAP
  138. Enabling Identity Server Audit Events
  139. Monitoring Identity Server Alerts
  140. Troubleshooting the Identity Server and Authentication
  141. The Metadata
  142. DNS Name Resolution
  143. Certificate Names
  144. Certificates in the Required Trust Stores
  145. Certificates in the Correct Certificate Store
  146. Enabling Debug Logging
  147. Testing Whether the Provider Can Access the Metadata
  148. Authentication Classes and Duplicate Common Names
  149. Slow Authentication
  150. Browser Hangs in an Authentication Redirect
  151. A Simple Redirect Script
  152. Configuring iptables for Multiple Components
  153. Problems Reading Keystores after Identity Server Re-installation
  154. A Sample Custom Login
  155. A.2 Custom nidp.jsp File with Custom Credentials
  156. A.2.2 The Modified main.jsp File
  157. A.2.3 The Method and the Contract
  158. A.3.2 The Method and the Contract
  159. A.4.1 Modifying the File
  160. A.4.2 The Method and the Contract
  161. B About Liberty
  162. C Understanding How Access Manager Uses SAML
  163. C.2 Trusted Provider Reference Metadata
  164. C.6 Identity Provider Process Flow
  165. C.7 SAML Service Provider Process Flow
  166. D Data Model Extension XML
  167. D.2 Writing Data Model Extension XML
ACCESS MANAGER 3.1 SP1 - ADMINISTRATION first page preview

ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Brand: Novell | Category: Software
Table of contents
  1. legal notices
  2. Table Of Contents
  3. Table Of Contents
  4. Table Of Contents
  5. Table Of Contents
  6. Table Of Contents
  7. About This Guide
  8. Part I Overview of SSL VPN
  9. SSL VPN Features
  10. Traditional and ESP-Enabled SSL VPNs
  11. Traditional Novell SSL VPN
  12. High and Low Bandwidth SSL VPNs
  13. SSL VPN Client Modes
  14. Prerequisites
  15. Kiosk Mode
  16. Installing the SSL VPN Server
  17. Installing ESP-Enabled SSL VPN
  18. Installing the ESP-Enabled SSL VPN
  19. Installing the Traditional Novell SSL VPN
  20. Installing the RPM Containing Key For High Bandwidth SSL VPN
  21. Uninstalling the RPM Containing Key For High Bandwidth SSL VPN
  22. Upgrading SSL VPN Servers
  23. Upgrade Scenarios
  24. Upgrading SSL VPN Installed on a Separate Machine
  25. Migrating a Traditional SSL VPN Server to the ESP-Enabled Version
  26. Migrating Traffic Policies from Traditional SSL VPN to ESP- Enabled SSL VPN
  27. Upgrading Clustered SSL VPN Servers
  28. Configuration Changes to the SSL VPN Server Installed with the Linux Access Gateway
  29. Preinstalling the SSL VPN Client Components
  30. Uninstalling the SSL VPN Server
  31. Deploying SSL VPN
  32. Deployment Procedure
  33. Deployment Scenario
  34. Deploying the Traditional Novell SSL VPN
  35. Configuring Authentication for ESP-Enabled Novell SSL VPN
  36. Accelerating the Traditional Novell SSL VPN
  37. Injecting the SSL VPN Header
  38. Configuring the IP Address, Port, and NAT
  39. Configuring the SSL VPN Gateway Without NAT or L4
  40. Configuring Route and Source NAT for Enterprise Mode
  41. Ordering SNAT Entries
  42. Configuring DNS Servers and Certificates
  43. Configuring DNS Servers for Kiosk Mode
  44. Configuring End-Point Security and Access Policies for SSL VPN
  45. Configuring Policies to Check the Integrity of Client Machine
  46. Configuring the Category
  47. Configuring Applications for a Category
  48. Exporting and Importing Client Integrity Check Policies
  49. Configuring Traffic Policies
  50. Rule Ordering
  51. Exporting and Importing Traffic Policies
  52. Configuring How Users Connect to SSL VPN
  53. Allowing Users to Select the SSL VPN Mode
  54. Configuring SSL VPN to Download the Java Applet on Internet Explorer
  55. Customizing SSL VPN User Interface
  56. Customizing Error Messages
  57. Configuring Full Tunneling
  58. Configuring SSL VPN to Connect through a Forward Proxy
  59. Creating the proxy.conf File
  60. Configuring SSL VPN for Citrix Clients
  61. Configuring a Custom Login Policy for Citrix Clients
  62. Configuring the Access Gateway to protect the Citrix Server
  63. Configuring Single Sign-On Between Citrix and SSL VPN
  64. Additional Configurations
  65. Disconnecting Active SSL VPN Connections
  66. Overview of SSL VPN Clusters
  67. Limitations
  68. Creating a Cluster of SSL VPN Servers
  69. Adding An SSL VPN Server to a Cluster
  70. Removing an SSL VPN Server from a Cluster
  71. Clustering SSL VPN by Using L4
  72. Configuring a Cluster of Traditional SSL VPNs by Using L4
  73. Clustering SSL VPNs By Using Access Gateway and Without L4
  74. Testing the Scripts
  75. Configuring SSL VPN to Monitor Health of Cluster
  76. Virtual Server Settings Example
  77. Enabling SSL VPN Audit Events
  78. Viewing SSL VPN Statistics
  79. Viewing Statistics of SSL VPN Server Cluster
  80. Viewing the Bytes Graphs
  81. Monitoring Health of SSL VPN Servers
  82. Monitoring Health of SSL VPN Cluster
  83. Viewing the Command Status of the SSL VPN Server
  84. Monitoring SSL VPN Alerts
  85. Viewing SSL VPN Alerts
  86. Viewing SSL VPN Cluster Alerts
  87. Part VI Troubleshooting SSL VPN
  88. Troubleshooting SSL VPN Installation
  89. Troubleshooting SSL VPN Configuration
  90. Connection Problems with Mozilla Firefox
  91. Connection Problems with Internet Explorer
  92. SSL VPN Connects in Kiosk Mode, But There Is No Data Transfer
  93. Verifying SSL VPN Components
  94. Unable to Contact the SSL VPN Server
  95. Unable to Connect to the SSL VPN Gateway
  96. SSL VPN Server Is Unable to Handle the Session
  97. Bringing Up the Server If a Cluster Member Is Down
Novell categories
More Novell categories
Manuals database logo
manualsdatabase
Your AI-powered manual search engine