Environment
Novell SecureLogin
NSL 3.51
NSL6.0
NSL6.1
NSL 3.51
NSL6.0
NSL6.1
Situation
Directory attributes added with SecureLogin schema extension
What does running ndsschema.exe do?
What does running adschema.exe do?
What are the Prot:SSO attributes?
What does running ndsschema.exe do?
What does running adschema.exe do?
What are the Prot:SSO attributes?
Resolution
When NDSSchema or ADSchema is run the attributes below are added to the eDirectory or Active Directory schema, respectively. Note that the attributes are listed by their eDirectory names, with the AD names in parentheses.
- Prot:SSO Auth - contains all user-specific authentication data, such as the passphrase, and must be present on each User account. This attribute is only for a User object. (AD attribute: protocom-SSO-Auth-Data)
- Prot:SSO Entries - contains the credentials and scripts for an OU or a User. It will only be present whenever SSO data has been captured and stored on the object. This attribute contains the following:
- Prot:SSO Entry Checksum - a checksum value for the client to determine whether the 'Entries' attributes have changed. It will be present on the User and the OU that have data stored. This attribute optimizes the loading of data from the Directory. Whenever data changes in the protocom-SSO-Entries attributes, the Checksum attribute is updated. When SecureLogin loads, it reads the checksum and compares it to the checksum in memory. If the checksums are different, SecureLogin reloads the Entries attribute from the directory. (AD attribute: protocom-SSO-Entries-Checksum)
- Prot:SSO Profile - contains the OU to be redirected to. This is to support the 'Read Corporate Scripts and Settings From:' feature. It will need to be present on OU's that use this feature. This attribute is used to instruct SecureLogin to read the settings and preferences from another container. (AD attribute: protocom-SSO-Profile)
- Prot:SSO Security Prefs - contains the 'Settings' data for an OU or a User. It will only be present if settings have been changed from the default. This attribute stores data required for SecureLogin to operate before loading the users
datastore. This data can include Administrator-set Passphrase questions, Passphrase help information, settings, etc. (AD attribute: protocom-SSO-Security-Prefs)
- Prot:SSO Security Prefs Checksum - contains the checksum value for the client to be able to determine whether the 'Security-Prefs' data has changed. This attribute functions with the protocom-SSO-Security-Prefs attribute much like the protocom-SSO-Entries-Checksum functions with the protocom-SSO-Entries attribute. (AD attribute: protocom-SSO-Security-Prefs-Checksum)
o All the user's login user IDs and passwords o Specific preferences and application definitions at the User object o Corporate application definitions and preferences at the Container and Organizational Unit objects (AD attribute: protocom-SSO-Entries)
datastore. This data can include Administrator-set Passphrase questions, Passphrase help information, settings, etc. (AD attribute: protocom-SSO-Security-Prefs)
Additional Information
Formerly known as TID# 10097426