Key Terms


Server Components

SSSI.NLM---Extends the eDirectory schema, installs the Novell SecretStore service, and initializes and/or validates the Security Domain Infrastructure (SDI).

You use nwconfig.nlm to load sssi.nlm (Novell SecretStore Installation NetWare® Loadable Module). Sssi.nlm does the following:

SSS.NLM---The Novell SecretStore service.

The equivalent file for Windows NT/2000 servers is sss.dlm. The equivalent file for UNIX servers is libsss.so.

SecretStore provides a secure infrastructure for storing and retrieving secrets and credentials in eDirectory. SecretStore uses NICI and Security Domain Infrastructure (SDI) to safely and securely store a user's secrets.

Novell SecureLogin is a single sign-on application that uses SecretStore.

Upon a successful authentication of the user to an application, the SecretStore-enabled application stores the application's login credential in SecretStore. From then on, when the user logs in to eDirectory and launches the application, the single sign-on client retrieves the application password from SecretStore, provides it to the application or Web site in the background, and authenticates the user.

ssldp.nlm---The SecretStore LDAP transport plug-in.

sssncp.nlm---The SecretStore NCP transport plug-in.

lsss.nlm---The LDAP SecretStore extension manager.

Lsss.nlm allows applications to use the Lightweight Directory Access Protocol (LDAP) to store secrets. The equivalent file for Windows NT/2000 servers is lsss.dll.

sssnapin.exe---The SecretStore snap-in to ConsoleOne.

Sssnapin.exe enables you (the administrator) to configure and administer SecretStore components.

Novell eDirectory automatically installs ConsoleOne™ on a server. However, to use ConsoleOne, you install the SecretStore snap-in to ConsoleOne on a client workstation (or to a directory on a server) and run ConsoleOne from a workstation. The SecretStore installation program installs the snap-in.

For more information on SecretStore, see the following:


Workstation Components

For the SecretStore 3.0 release, the SecureLogin installation program (setup.exe) installs the following components on your administrative Windows workstation. Workstation components are currently not available for UNIX platforms.

NICI client---Enables the SecretStore client to provide all the encrypted traffic between SecretStore, the SecretStore client, the Novell Modular Authentication Services™ (NMAS™) client, and application connectors.

Novell SecureLogin---Enables applications to communicate with SecretStore as a universal connector.

The Novell SecureLogin client embodies the APIs for accessing the SecretStore service.

NMAS client---Enables single sign-on users (online or offline) to authenticate to eDirectory.

The NMAS client can confirm authentication during the following situations:

SecretStore client---Provides the mechanism to access the SecretStore service and ensure secure transmission of secrets to and from eDirectory.

The SecretStore client collects secrets (for example, usernames and passwords), recognizes an application credential or password field, and helps to authenticate users by passing the credentials to the application.

The SecureLogin client enables anyone to use applications without repeatedly entering passwords. A user can be logged in to or disconnected from a network.

ConsoleOne---Enables you to administer (from a workstation) secrets in SecretStore.

SecretStore ConsoleOne snap-in---Enables you to create, configure, and administer single sign-on objects in eDirectory.

You can run the ConsoleOne snap-in on your workstation provided you have also installed the NICI and Novell SecureLogin client components.

SecretStore Manager---Enables users to perform basic maintenance tasks on their SecretStore.

SecretStore Manager protects secrets by requiring NMAS authentication before a user can view secrets.

Although SecretStore Manager is not intended as the primary interface to SecretStore, it helps users manage SecretStore secrets outside the interfaces provided by the SecureLogin-enabled applications.

The following figure illustrates SecretStore Manager:


Figure: SecretStore Manager

SecretStore Status---Enables users to set their master password, unlock SecretStore, switch between eDirectory trees, or switch between eDirectory usernames associated with different trees or servers.

SecretStore Status is a lite version of SecretStore Manager. The following figure illustrates SecretStore Status:


Figure: SecretStore Status


