Installing SecureLogin for eDirectory

The Novell eDirectory option installs SecureLogin onto networks that are running eDirectory. This option provides secure, centralized storage of user login data by performing encryption once on the workstation before the data is saved to eDirectory.

This option can use the patented Novell SecretStore^® client/server system to provide the highest possible level of security for user login data. SecretStore requires server components on the eDirectory server and SecureLogin client software on workstations.

1. Make sure that you are authenticated to an eDirectory tree.

   In Step 5 below, you select an installation option. If you are authenticated to an eDirectory tree and select to install SecureLogin along with SecretStore, installation proceeds as expected. If you are not authenticated, the following scenario occurs.

   Scenario: Unusable Login Prompt. You are not authenticated to an eDirectory tree. You select to install the SecureLogin client along with SecretStore. During the installation, you select default settings. The installation program prompts you for a username and password. However, the username field cannot be edited, and no password has been set.

   Until you authenticate to eDirectory and set a passphrase or password, SecureLogin continues to display this "unusable" prompt each time that SecureLogin is started.

2. Run setup.exe, found in the securelogin\client directory.

3. Select a language, click Next twice, then accept the license agreement.

4. Select Complete, then click Next.

   
   

   The Complete option uses default values and installs SecureLogin in c:\program files\novell\securelogin. For options available through the Custom option, see Using the Custom Option for Novell eDirectory.

5. Select eDirectory as the platform where SecureLogin will store its data, then click Next.

   
   

6. Select Novell Client for Windows or LDAP, then click Next.

   
   

   If the Novell Client^TM is installed, the installation program recommends that option. Otherwise, LDAP is recommended.

7. Select whether SecureLogin is to install the SecretStore client, the NMAS^TM client, or both, then click Next.

   
   

   IMPORTANT:   Select Novell SecretStore only if SecretStore is installed on a server. For information on SecretStore, see the Novell SecretStore 3.3 Administration Guide.

   The Novell SecretStore option installs the SecretStore client. If you deselect this option and want to install it later, you must uninstall SecureLogin, then run the SecureLogin installation again.

   However, if you install the SecretStore client and then later run the install program and deselect the SecretStore client, you will cause problems to the directory cache. All the credential sets that are stored in SecretStore will be unavailable to the eDirectory client. Nevertheless, as long as the local cache is enabled, you can still run SecureLogin. The local cache will populate the eDirectory cache.

   The Novell NMAS Client option installs the NMAS client. SecureLogin uses this option with the AAVerify command, to enable advanced authentication access to an application.

8. Click Install.

9. (Conditional) If you selected the NMAS client, select one or more NMAS login methods, then click Next.

   
   

10. (Conditional) If you selected the NMAS client (for example, for a Windows 98 installation), select post-login methods, then click Next.

    
    

    The NDS Change Password option enables you to change your eDirectory password during a login session without using the eDirectory password to log in.

11. Click Finish, click Yes, then click OK to restart your workstation.

Using the Custom Option for Novell eDirectory

The Custom option provides the same defaults as does the Complete option, but enables you to do the following:

• Specify where SecureLogin files will be stored.

  You can use the default path or specify a different one.

• Specify a path for SecureLogin's local cache.
  

  The user profile directory is the default path.

  User profiles are in the following locations:

  Platform	The User Profile Directory
  Windows 9x	In c:\windows if profiles are disabled. In c:\windows\profiles if profiles are enabled.
  Windows NT/2000	In Document and Settings\username

  In earlier versions of SecureLogin, you could modify the cache file location by altering a key in the registry. This is no longer necessary because the installation program automates this step. Also, you can use the automate.ini file to customize the location.

• Select SecureLogin components (for example, Terminal Launcher) and SecretStore client components (for example, SecretStore Status).

  If you select the Novell eDirectory with SecretStore option, the installation program installs SecureLogin components and SecretStore components by default.

  The Description panel provides information about a component or subcomponent that you select.

  For more information on Terminal Launcher, see "Working with Terminal Emulators" in the Nsure SecureLogin 3.51 Administration Guide.