View
3
Download
0
Category
Preview:
Citation preview
Tivoli® Access Manager for Enterprise Single Sign-On
DPRA User Guide
Version 6.0
SC32-1993-00
���
Tivoli® Access Manager for Enterprise Single Sign-On
DPRA User Guide
Version 6.0
SC32-1993-00
���
Note:
Before using this information and the product it supports, read the information in “Notices,” on page 5.
First Edition (September 2006)
This edition applies to version 6, release 0, modification 0 of IBM Tivoli Access Manager for Enterprise Single
Sign-On (product number 5724-N70) and to all subsequent releases and modifications until otherwise indicated in
new editions.
© Copyright International Business Machines Corporation 2006. All rights reserved.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Use
r G
uid
eWhat is TAM E-SSO: Desktop Password Reset Adapter?
IBM Tivoli Access Manager for Enterprise Single Sign-On: Desktop Password Reset Adapter (TAM E-SSO: Desktop Password Reset Adapter) lets you access your Windows user account when you lose or forget your password. No need to call your help desk or technical support, and no waiting for an administrator to reset your password.
All you have to do is pass a quick "pop-quiz" that verifies that you’re really "you," and you can reset your password yourself. And you will pass, because you’ll have created the quiz answers when you complete the TAM E-SSO: Desktop Password Reset Adapter Enrollment Interview.
Once you’ve completed your Enrollment Interview, you can take the TAM E-SSO: Desktop Password Reset Adapter Reset Quiz any time you lose or forget your password. If your Quiz answers match the answers you provided in the Enrollment Interview, you can create a new Windows password and log on.
TAM E-SSO: Desktop Password Reset Adapter is simple, quick, and secure, and it frees up your organization’s technical support for other priorities. Best of all, the couple of minutes that the Enrollment Interview takes will more than make up for the time and effort when you lose your Windows password.
A word about passwords…
If you do forget your password, at the very least, it’s a good sign that you picked a good one – that is, one that no one else could have guessed.
The best passwords are the ones that are the hardest to remember, because they’re composed of random letters and numbers. Moreover, good network security calls for changing passwords every few weeks. As fast and easy as the TAM E-SSO: Desktop Password Reset Adapter Reset Quiz is, it’s still faster to use a password to access your network. Here are some tips for creating and managing your password:
• A meaningless string of characters is best. Mix capital and lowercase letters and use
numbers.
• Avoid using the names of relatives, friends or pets.
• Avoid any meaningful words at all - in any language. If it's in the dictionary, someone can
guess it.
• Don't share your password with others.
• Don't write or post your password - especially on "sticky-notes" near your workstation.
One trick for creating a memorable (and meaningless) password quickly is to take the first letters of a familiar phrase or quote. In this way, "Self trust is the first secret of success" (Emerson) becomes stitfsos.
3 January 2007 Page 1 of 4
Use
r G
uid
e What is the “Enrollment Interview”?
Before you can use TAM E-SSO: Desktop Password Reset Adapter when you really need it – to create a new Windows password – you need to provide the “right” answers to the questions you'll be asked. That’s the purpose of the Enrollment Interview.
To begin enrollment, enter your Email address, select the Langauge to enroll in, and click Start.
The questions in the Interview will be used to create the Reset Quiz you’ll take if you ever need to logon without your password. The answers you provide in the Interview will be the ones used to verify that it's really you.
Note: Reset questions will be displayed in the same language as you enrolled in.
There are two groups of questions in the Enrollment Interview:
• Required Questions You must provide answers to these questions to complete Enrollment.
• Optional Questions These appear at the end of the Interview. You can answer or skip any
of these questions.
It's important that you keep your answers to the questions as brief and as memorable as possible. Avoid punctuation and be careful of spelling, spacing, and punctuation.
Required Questions
You must provide an answer to these questions. This question will be used to create the Reset Quiz. Enter the briefest, simplest answer you can, because
1. you'll need to remember it, and
2. you'll need to type the exact spelling in the Reset Quiz exactly as you type it here.
Be careful of how you use upper- or lowercase characters, and be especially careful of spelling and spaces. Avoid punctuation if possible. Note and follow any format instructions or examples that the question provides.
When you have typed your answer in the text box, click Answer.
Optional Questions
You have the option to answer these questions or skip them. Remember that the more questions you choose to answer, the more secure the Quiz will be.
3 January 2007 Page 2 of 4
Use
r G
uid
e What is the "Reset Quiz"?
If you lose or forget your password, you'll need to reset it, that is, erase the old password you've forgotten and supply a new one. The Reset Quiz is how TAM E-SSO: Desktop Password Reset Adapter makes sure you're really "you" when you need to reset your password.
It’s similar to a bank officer verifying your identity over the telephone by asking for a piece of information only you would be likely to know; your mother’s maiden name is a common example. You may be asked for several such items from different sources - your place of birth, your current address, and so on - that only you would be likely to know. TAM E-SSO: Desktop Password Reset Adapter uses the same idea: not just one question, but a group of questions that confirm your identity.
If you need to reset your password, click the TAM E-SSO: Desktop Password Reset Adapter button on the Windows logon box to begin the Reset Quiz. TAM E-SSO: Desktop Password Reset Adapter displays one of the questions from your Enrollment Interview. Type the answer to the question exactly as you did in the Enrollment Interview, and click Answer. Repeat this process until the New Password box appears.
The Reset Quiz might not use all of the questions from your interview. How many questions the Quiz asks depends on how your administrator has set it up. Questions can have different point-values, and it's your overall score that TAM E-SSO: Desktop Password Reset Adapter uses to authorize a password reset.
Note: Reset questions will be displayed in the same language as you enrolled in.
How to take the Reset Quiz to reset your password
If you forget your password, you can take the Reset Quiz to reset your password at your own workstation from the Windows Logon. Or, you can use Internet Explorer to take the Reset Quiz on any other workstation that's already logged on.
To start the Reset Quiz at the Windows Logon (on your own workstation) 1. Click the TAM E-SSO: Desktop Password Reset Adapter button in the upper-right corner of
the window. TAM E-SSO: Desktop Password Reset Adapter displays a logon prompt that asks
for your User name.
2. Type your user name and click OK. TAM E-SSO: Desktop Password Reset Adapter begins the
Reset Quiz.
To start the Reset Quiz from a logged-on workstation
Note: You will need the Web address of the TAM E-SSO: Desktop Password Reset Adapter Reset Quiz start page to use this method. This address may be available as a link on your organization's intranet or in the Internet Explorer Favorites list.
1. Open Internet Explorer and point the browser to the TAM E-SSO: Desktop Password Reset
Adapter Reset Quiz start page. TAM E-SSO: Desktop Password Reset Adapter displays a
logon prompt that asks for your User name.
2. Type your user name and click OK. TAM E-SSO: Desktop Password Reset Adapter begins the
Reset Quiz.
If you fail the Reset Quiz…
• ...try, try again. TAM E-SSO: Desktop Password Reset Adapter selects and displays Quiz
questions in random order. You may very well be asked different questions on your next try.
3 January 2007 Page 3 of 4
Use
r G
uid
e • ...watch your typing. Your Quiz answers must exactly match the ones you entered during
your Enrollment. How you use upper and lower case letters doesn't matter, but spelling,
spacing, and punctuation do.
• ...and you're using a workstation other than your usual one, make certain that you've
provided the correct --that is, your own - username/ID. You may be taking the Quiz against
another user's answers. That won't work.
If all else fails, you'll have to call your administrator to reset your password. If you do take this last
resort, you should also re-take the Enrollment Interview to revise your answers to be simpler or
easier to remember.
3 January 2007 Page 4 of 4
Appendix. Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM® representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not give you
any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM
Intellectual Property Department in your country or send inquiries, in writing, to:
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106-0032, Japan
The following paragraph does not apply to the United Kingdom or any other
country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS
PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or
implied warranties in certain transactions, therefore, this statement may not apply
to you.
This information could include technical inaccuracies or typographical errors.
Changes are periodically made to the information herein; these changes will be
incorporated in new editions of the publication. IBM may make improvements
and/or changes in the product(s) and/or the program(s) described in this
publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this IBM
product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it
believes appropriate without incurring any obligation to you.
© Copyright IBM Corp. 2006 5
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged should contact:
IBM Corporation
2ZA4/101
11400 Burnet Road
Austin, TX 78758
U.S.A.
Such information may be available, subject to appropriate terms and conditions,
including in some cases, payment of a fee.
The licensed program described in this information and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement, or any equivalent agreement
between us.
Any performance data contained herein was determined in a controlled
environment. Therefore, the results obtained in other operating environments may
vary significantly. Some measurements may have been made on development-level
systems and there is no guarantee that these measurements will be the same on
generally available systems. Furthermore, some measurements may have been
estimated through extrapolation. Actual results may vary. Users of this document
should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of
those products, their published announcements or other publicly available sources.
IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.
Trademarks
The following terms are trademarks or registered trademarks of International
Business Machines Corporation in the United States, other countries, or both:
AIX
DB2
developerWorks
eServer
IBM
iSeries
Lotus
Passport Advantage
pSeries
RACF
Rational
Redbooks
Tivoli
WebSphere
zSeries
Microsoft®, Windows®, Windows NT®, and the Windows logo are trademarks of
Microsoft Corporation in the United States, other countries, or both.
6 IBM Tivoli Access Manager for Enterprise Single Sign-On: DPRA User Guide
Intel®, Intel Inside® (logos), MMX and Pentium® are trademarks of Intel
Corporation in the United States, other countries, or both.
UNIX® is a registered trademark of The Open Group in the United States and
other countries.
Linux® is a trademark of Linus Torvalds in the U.S., other countries, or both.
Java™ and all Java-based trademarks are trademarks of Sun
Microsystems, Inc. in the United States, other countries, or
both.
Other company, product, and service names may be trademarks or service marks
of others.
Appendix. Notices 7
8 IBM Tivoli Access Manager for Enterprise Single Sign-On: DPRA User Guide
����
Printed in USA
SC32-1993-00
Recommended