Migrating To A New Ldap Server; Installing Hardware Password Manager On A Lenovo Device - Lenovo ThinkCentre M58 Deployment Manual

3. Run the ThinkManagement Console Autorun.exe from the location where the installation package was
extracted to. Select Install on the core server. Follow the prompts in the Installation wizard and
select Restart Now after installation.
4. Activate the core server by entering your LANDesk contact name and password in the Core Server
Activation Utility (internet connection required).
5. Configure the LDAP Server:
a. Connect the HARDWARE PASSWORD MANAGER server and LDAP Authentication server to network.
b. Launch the ThinkManagement Console.
c. In the toolbox, there is a ThinkVantage Hardware Password Manager group with three items: HPM
Enrolled Users, HPM Groups, and Remote Actions and Policy Settings. Click HPM Groups and then
click Configure LDAP server (the third button) on the toolbar.
d. Enter the information for the LDAP server that will serve as the authentication server. The following
items need to be defined for the LDAP server:
• Hostname: The name of the LDAP server.
• Port: The port number to communicate with the server. The default port is 389 for Microsoft
Active Directory. If you need to query a global catalog to access multiple Active Directory
domains, change the port to 3268. If you select Novell eDirectory as your LDAP server, the
default port is 636.
• Server type: Select the type, either Microsoft Active Directory or Novell eDirectory.
• Encryption type: Select the type of encryption used for communication with the server.
• Authorized user:
– The user name for logging in to the Microsoft Active Directory server.
– A domain\user name or simply a user name.
– The user name for logging in to a Novell eDirectory server.
Note: It is better to use cn=admin name, o=admin context. If Bind Restrictions is set to None,
admin name.admin context will work. If Bind Restrictions is set to Disallow anonymous simple
bind, admin name.admin context will not work.
– Password: The password for the authorized user on the LDAP server.
e. Click OK when the information is complete.
ThinkManagement Console core server setup completes now.

Migrating to a new LDAP server

You may find that you need to change the IP address or hostname of your LDAP server. You may also need
to change to a new server with a different IP address, or even change to a different type of LDAP server.
If any of these changes occurs, you need to create a new LDAP server configuration. To do this, repeat the
LDAP configuration task in step 5 . It is recommended that existing registered HPM devices be deregistered
and then registered once again with the new LDAP configuration. Otherwise, the devices registered with the
old LDAP configuration will not be able to perform various HPM actions such as an intranet account login.

Installing Hardware Password Manager on a Lenovo device

To add Hardware Password Manager features to a Lenovo device, you must deploy an HPM agent to the
device. You can do this by using either a push or a pull method.
To deploy an agent with Hardware Password Manager client features:
6
Hardware Password Manager Deployment Guide