4.1 Installation Overview

Before proceeding with installing Novell SecureLogin in LDAP mode, make sure that the following prerequisites are in place.

The instructions apply to the standard architecture of the directory managed using an administration workstation.

The following high-level tasks apply to the configuration of the LDAP instance stored and administered on a separate server from the Active Directory server domain controller. If your configuration does not separate the Active Directory server and the LDAP server instance, follow the instructions for both.

  1. Verify whether you have an exported certificate from the Enterprise Root Certificate Authority (CA) for the LDAP directory to use the Novell SecureLogin data store.

    The certificate must be in the Distinguished Encoding Rules (DER) and use .der as the filename extension.

  2. Copy the certificate files to workstations.

  3. If the application type is single sign-on enabled, install the Citrix and Terminal Services client on a user workstation prior to installing Novell SecureLogin.

  4. Uninstall any previous version of Novell SecureLogin, if necessary.

  5. Extend the LDAP directory schema on the server.

    For information, see Section 4.2.2, Extending The LDAP Directory Schema.

  6. Install or upgrade the Novell SecureLogin on the administration workstation.

  7. Configure a test Novell SecureLogin environment, including enabling single sign-on and the required application, and testing it on test users.

  8. Copy the test users’ Novell SecureLogin single sign-on environment for mass deployment.

  9. Deploy Novell SecureLogin on users’ workstations.

IMPORTANT:If the LDAP-compliant directory extension is deployed by copying and running the ldapschema.exe file from another location rather, you need to copy the entire directory containing the LDAP schema and three Microsoft Foundation Class (MFC) library files to the preferred location. The LDAP schema and the three MFC files must be co-located in the same directory for the LDAP compliant directory extension instance to deploy successfully.