Updated Readme - NMAS, Authentication, Secugen
Novell Cool Solutions: Tip
By Norm O'Neal
Digg This -
Posted: 7 Jul 2005
This updated Readme for NMAS Login Methods, Graded Authentication, and Secugen Biometric Mice will save you some quality time in the near future.
- Install the Secugen NMAS Method into eDirectory.
- Using ConsoleOne, add an "SAS NMAS LoginMethod" under the Authorized Login methods in the Security Container. To do so, browse to the config.txt file that is in the folder with your NMAS method from Secugen.
- Install the Admin tools from Secugen to get the ConsoleOne snap-ins.
- Run the Secugen Policy Editor from the workstation where the admin tools were installed. For example, you can use "Right Thumb Print Only."
- Create a Test User and enroll the user's thumb print.
- Create a new Login sequence. To do this, go to Properties on the Login Policy Object under the Security Container and create the new sequence. Select NDS AND SGBIOmetric.
- Verify the default login sequence for all the users that are using the BIOmetric device. The 'Default Login Sequence should be changed to the sequence that you created in step 6 (ConsoleOne - Properties of the user, Security Tab).
- Set the Default Clearance to "Logged In". To do this, go to ConsoleOne > Properties of the user > Security tab. (Note: We made the mistake of choosing the Biometric and Password "Clearance", which in reality disabled our inherited rights on the file system. Biometric and Password is just a Security Label for Graded Authentication.)
- Study "graded authentication" concepts. See TID 10077323 as well as the Novell documentation and About Graded Authentication below.
- In ConsoleOne, set the Volume Security Label to Biometric AND password; or, go to the user object that has the login sequence and give it the necessary rights to the volumes and its folders. This is done on the Rights to Files and Folders tab in ConsoleOne.
- Update the Novell Client and install NMAS.
- Install the Device Driver for the mouse.
- Install the NMAS Method Client from the NMAS login method folder. Our lab example is C:\Apps\Novell\SecugenMethod\Client install. The U drive is in the download folder @ IDOH (per my client).
- Set the Default Login Sequence on the Client. For users that will use the device, go to the Novell Client; click Advanced; then browse to and choose the Login Sequence that you created above.
About Graded Authentication
Graded authentication enjales you to grant access to NetWare volumes and NDS attributes based on how users log in. For example, you can restrict access to a high-security volume for those logging by requiring a fingerprint, a password, and a token.
Graded Authentication provides an additional level of control. It does NOT take the place of regular NDS and file system access rights.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com