Active Topics          Search          Help
            Register          Login
Riva Integration Server for GroupWise
 Omni Web Forum : Riva Integration Server for Exchange and GroupWise : Riva Integration Server for GroupWise
Subject Topic: How to Enable Universal Password and NMAS Post ReplyPost New Topic
Author
Message
Gordon Welling
Admin Group
Admin Group

Manager Technnical Support Services

Joined: 11-December-2003
Location: Canada
Posts: 608
Posted: 27-May-2008 at 12:22pm
Background - Certain CRM systems do not support a "Trusted Account" or "Pseudo Account" to allow Riva CRM Enterprise Edition to transparently access multiple CRM accounts.

An example of these systems is Salesforce.com.  Riva CRM for GroupWise - Enterprise Edition can leverage Novell's Universal Password to overcome this CRM limitation.

Administrators use Novell Modular Authentication Services (NMAS) to create Universal Password policies that are assigned to user containers.

The following three conditions are required to complete the process to support NMAS password access for CRMs that don't support a "Trusted Account":
  • the NMAS Universal Password be configured (see below),
  • that the eDirectory and CRM user name be the same, and
  • that the user CRM password matches the Universal Password.
This configuration allows Riva Enterprise Edition to transparently authenticate to the CRM accounts to be synchronized.

If your CRM supports Impersonation or LDAP Authentication, we highly recommend enabling that functionality instead of using NMAS.  LDAP Authentication simplifies password management and allows your CRM to use the eDirectory login and password.

Enabling NMAS - Follow the applicable Novell instructions to install and enable Novell Modular Authentication Service  (NMAS).

Create Universal Password Policy - You can use an existing password policy if one exists in iManager.  If a password policy in iManager does not exist, use the following steps to create a password policy for Universal Password management to support NMAS password extraction:
  1. Login to iManager (http://ipaddress-of-server/nps) as the admin user.
  2. Under "Roles and Tasks", select "Passwords" > "Password Policies".
  3. Click "New..." to run the create password policy wizard.
  4. For Step 1 of 8: provide a "Policy Name", and "Description" (optional) and "Password Change Message"  (optional).  Click "Next >>".
  5. For Step 2 of 8: select "Yes" and check "Enable the Advanced Password Rules (go to Step 3)".  Click "View  Options" and make desired changes.  For Riva CRM Enterprise Edition, we recommend that you accept the default  options.  Click "Next >>".
  6. For Step 3 of 8: make any necessary changes to support your environment and click "Next >>".
  7. For Step 4 of 8: select either Yes or No (the default is "No" which will skip steps 5 and 6).  Click "Next >>".
  8. For Step 7 of 8: Click the magnify glass icon, browse and select the different containers of users that will be  assigned this universal password policy.  Click "Next >>".
  9. For Step 8 of 8: Click "Finish" and "Close".
Identify Account to Retrieve Passwords

In these steps, modify a pre-existing password policy or the password policy created in the "Create Universal Password Policy" steps above to identify the eDirectory account that will (is used) in the Riva eDirectory connection wizard (this user must have supervisor rights to the GroupWise system):
  1. In iManager, under "Roles and Tasks", select "Passwords" and "Password Policies".
  2. Click on the name of the desired password policy.
  3. Click the "Universal Password" tab and the "Configuration Options" link.
  4. Ensure that "Enable Universal Password" is checked.
  5. Ensure that "Synchronize NDS password when setting Universal Password" is checked.
  6. Ensure that "Allow user to retrieve password" is checked.
  7. Ensure that "Allow admin to retrieve password" is not checked.
  8. Click "Insert..." and navigate and select the eDirectory user that is or will be used in the Riva eDirectory connection wizard.
  9. Click "Apply" and "OK".
References:

Novell Password Admin Guide - http://www.novell.com/documentation/password_management32/in dex.html
Novell Modular Authentication Guide - http://www.novell.com/documentation/nmas32/index.html
Novell Cool Solution - Universal Password - http://wiki.novell.com/index.php/Universal_Password
LDAP / Universal Password with eDirectory 8.8 - http://www.novell.com/coolsolutions/appnote/19038.html



Edited by Gordon Welling on 12-January-2009 at 2:10pm
Back to Top
 

If you wish to post a reply to this topic you must first login
If you are not already registered you must first register

  Post ReplyPost New Topic
Printable version Printable version

Forum Jump
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum



This page was generated in 0.0781 seconds.