A login application uses a script to execute an application on the endpoint that automatically logs you in to a privileged account after you check out the privileged account password. Login applications let you configure the SAM automatic login.
You can create the following types of login applications. Each type of login application is a Visual Basic script:
Note: Install the Microsoft SQL Server 2005 Management Studio on your computer to use the MSSQL2005Studio login application.
Note: Install the Microsoft SQL Server 2008 Management Studio on your computer to use the MSSQL2008Studio login application.
Note: Install PuTTY Release 0.60 or higher on your computer to use a PuTTY login application.
Note: For RDP automatic login by RDP.vbs run from the Enterprise Management UI, mstsc.exe must be located in the windows\system32 folder.
Note: By default you can use Telnet only. To use other connection methods (RSH, RLOGIN) you must modify the Visual Basic script. See the Reflection documentation for details.
The automatic login application scripts are located in the following directory:
JBOSS_HOME/server/default/deploy/IdentityMinder.ear/config/sso_scripts
When you use an automatic login to check out a privileged account password on a Windows Agentless endpoint, CA ControlMinder Enterprise Management propend the host domain to the name of the privileged account. Before you create a login application for a Windows Agentless endpoint, verify the following points:
Note: You can use the Modify Endpoint task to modify the Host Domain field.
By default, you must have the System Manager role to create a login application. You can use login applications only in Microsoft Internet Explorer browsers.
Follow these steps:
The Create Login Application: Login Application Search screen appears.
A list of login applications that match the filter criteria appears.
The Create Login Application task page appears. If you created the login application from an existing object, the dialog fields are prepopulated with the values from the existing object.
Defines the name by which you want to refer to this login application.
(Optional) Defines the information that you want to record for this login application (free text).
Defines the Visual Basic script to use to launch the login application.
Note: We recommend that you do not customize these supplied scripts.
Specifies that this login application is enabled.
Click Submit.
CA ControlMinder Enterprise Management creates the login application. Before a user can use a login application, modify your endpoints in CA ControlMinder Enterprise Management to use the login application. Perform additional configuration steps on the endpoints to use terminal integration, and to use login applications on Windows Server 2008 endpoints.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|