Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
A trademark symbol (®, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark.
When a single pathname can be written with a backslash for some platforms or a forward slash for other platforms, the pathname is presented with a backslash.
There is an issue with the file system when the Remote Loader is installed on a Windows* 2000 server. For more information, see TID 3243550, Securing a Remote Loader Install on a Microsoft Windows 2000 Server (http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3243550&sliceId=SAL_Public&dialogID=47824778&stateId=0%200%2047832401).
Access Rights: Identity Manager requires Administrative rights to create Identity Manager objects and configure drivers.
- Driver configuration objects (filters, style sheets, policies), especially policies that are used for password retrieval or synchronization
- Password policy objects (and the iManager task for editing them), because they control which passwords are synchronized to each other, and which Password Self-Service options are used
1.2.1 Granting Task-Based Access to Drivers and Driver Sets
In addition to the eDirectory standard object-based access controls, Identity Manager lets you assign trustee rights to perform only certain tasks on an Identity Manager driver, rather than just granting...
To prevent Password Hints from being set, you can go a step further and remove the Hint Setup gadget completely, as described in “Disabling Password Hint by Removing the Hint Gadget” in the Password Management 3.2 Administration Guide (http://www.novell.com/documentation/password_management32/index.html).
Challenge Questions are publicly readable, to allow unauthenticated users who have forgotten a password to authenticate another way.
Novell Password Management 3.2 Administration Guide (http://www.novell.com/documentation/password_management32/pwm_administration/data/ampxjj0.html).
For example, using Novell password syntax options, you can require user passwords to comply with rules such as the following:
- Requiring unique passwords. You can prevent users from reusing passwords, and control the number of passwords the system should store in the history list for comparison.
- Requiring a minimum number of characters in the password.
User objects in eDirectory, either periodically or on demand. This functionality is designed primarily to support products like Novell Certificate Login, but can also be used in other situations. Invoking the password generation job initializes NMAS with the password policy, and the following occurs for each object in the specified job scope: 1.
1.6 Designer for Identity Manager
When using Designer for Identity Manager, consider the following issues:
- Monitor and control who has rights to create or modify an Identity Manager driver. Administrative rights are needed to create Identity Manager objects and configure drivers.
- Before giving a consultant an Identity Vault administrator password, limit the rights assigned to that administrator to areas of the tree that the consultant must access.
Section 1.8.2, “Using Designer to Log Events,” on page 16
1.8.1 Using iManager to Log Events
You can use Novell Audit to log events that you consider important for security. For example, you could log password changes for a particular Identity Manager driver (or driver set) by doing the following:
1 In iManager, select eDirectory Administration >...
In Operation Events, select Change Password. This item monitors direct changes to the NDS password.
In Transformation Events, select Password Set and Password Sync. These two items monitor events for the Universal Password and Distribution Password.
5 Click OK twice.
1.8.2 Using Designer to Log Events
You can log events that apply to a driver set or to a driver.
2 Select Driver Set Log Level, then select Log Specific Events.
3 Click the Select Events to Log icon.
Security Best Practices...
4 Select events to log, then click OK.
Logging Events for a Driver
1 In Designer, right-click a driver, then select Properties.
2 Select Driver Log Level, then select Log Specific Events.
3 If you prefer, you can accept the settings for the driver set, then click OK.
Identity Manager 3.6 Security Guide...
Deselect Use log settings from the Driver Set, select Log specific events, then click OK.
4 Click the Select Events to Log icon.
5 Select events to log, then click OK.