Previous Topic: Disconnected Endpoint Connection InformationNext Topic: How to Import SAM Endpoints and Shared Accounts


Create a Login Application

A login application uses a script to execute an application on the endpoint that automatically logs you in to a privileged account after you check out the privileged account password. Login applications let you configure the SAM automatic login.

You can create the following types of login applications. Each type of login application is a Visual Basic script:

The automatic login application scripts are located in the following directory:

JBOSS_HOME/server/default/deploy/IdentityMinder.ear/config/sso_scripts

When you use an automatic login to check out a privileged account password on a Windows Agentless endpoint, CA ControlMinder Enterprise Management propend the host domain to the name of the privileged account. Before you create a login application for a Windows Agentless endpoint, verify the following points:

By default, you must have the System Manager role to create a login application. You can use login applications only in Microsoft Internet Explorer browsers.

Follow these steps:

  1. In CA ControlMinder Enterprise Management, click Privileged Accounts, Login Application, Create Login Application task.

    The Create Login Application: Login Application Search screen appears.

  2. (Optional) Select an existing login application to create the login application as a copy of it, as follows:
    1. Select Create a copy of an object of type Login Application.
    2. Select an attribute for the search, type in the filter value, and click Search.

      A list of login applications that match the filter criteria appears.

    3. Select the object that you want to use as a basis for the new login application.
  3. Click OK.

    The Create Login Application task page appears. If you created the login application from an existing object, the dialog fields are prepopulated with the values from the existing object.

  4. Complete the following fields:
    Name

    Defines the name by which you want to refer to this login application.

    Description

    (Optional) Defines the information that you want to record for this login application (free text).

    Script

    Defines the Visual Basic script to use to launch the login application.

    Note: We recommend that you do not customize these supplied scripts.

    Enable

    Specifies that this login application is enabled.

    Click Submit.

    CA ControlMinder Enterprise Management creates the login application. Before a user can use a login application, modify your endpoints in CA ControlMinder Enterprise Management to use the login application. Perform additional configuration steps on the endpoints to use terminal integration, and to use login applications on Windows Server 2008 endpoints.

More information:

Modify Windows Server 2008 Endpoints to Use a Login Application