Creating a Single Sign-on Environment


When logging in to multiple networks, one of the first things that is requested is the ability for a user to type in a logon name and password, and not have to be prompted to enter a logon and password for each additional network being accessed. The request is to have a single logon name and password that can be entered so that the user can access both Microsoft and Novell resources with an initial logon and password entry.

There are several ways that a single sign-on can be accomplished. The key to having an effective single sign-on process is to synchronize logon names and passwords between the multiple environments. When the logon names and passwords are identical, it's just a matter of having the logon process connect to each of the different systems.

The Effectiveness of a Dual-Client Authentication Method of Access

One way that organizations try to accomplish a single sign-on process is to load both the Microsoft and Novell client software programs on the same system. With the same logon name and password, users think they have a fully integrated single sign-on process because they can access both a Microsoft and Novell network with a single logon.

Unfortunately, a dual-client configuration does not provide manageability between the multiple logons. Effectively, the single sign-on works until the user changes his or her password. Because the system is working on a dual-client architecture, changing the password on one operating system does not synchronize the password on the other network operating system. Each system will require a separate password change sequence.

So although the logon process with dual clients only requires a single logon and password entry when the logon names and passwords are identical, there is no manageability between the platforms. The user has to make password changes on each of the operating environments.
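The drift described above can be audited. The following is an added example, not from the original book: it compares password-change times from two account exports and reports accounts whose password was changed on only one system. The export format, column names, sample rows, and the 15-minute tolerance are all assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample exports; the "login" and "password_changed"
# column names are hypothetical, not a real export format.
AD_EXPORT = """login,password_changed
asmith,2003-06-01T09:00:00
bjones,2003-06-10T14:30:00
cwu,2003-05-20T08:15:00
"""
NETWARE_EXPORT = """login,password_changed
ASmith,2003-06-01T09:02:00
BJones,2003-04-02T11:00:00
dlee,2003-05-01T10:00:00
"""

def load(export_text):
    """Map lower-cased logon name -> time of last password change."""
    rows = csv.DictReader(io.StringIO(export_text))
    return {r["login"].strip().lower():
            datetime.fromisoformat(r["password_changed"]) for r in rows}

def find_drift(ad_text, nw_text, tolerance=timedelta(minutes=15)):
    """Report unmatched accounts and passwords changed on one side only."""
    ad, nw = load(ad_text), load(nw_text)
    report = {
        "only_in_ad": sorted(ad.keys() - nw.keys()),
        "only_in_netware": sorted(nw.keys() - ad.keys()),
        "password_drift": [],
    }
    for login in sorted(ad.keys() & nw.keys()):
        gap = abs(ad[login] - nw[login])
        # Stored password forms cannot be compared across systems, so the
        # change time is used as a proxy: a large gap means one side moved.
        if gap > tolerance:
            newer = "ad" if ad[login] > nw[login] else "netware"
            report["password_drift"].append((login, newer, gap.days))
    return report

if __name__ == "__main__":
    for section, entries in find_drift(AD_EXPORT, NETWARE_EXPORT).items():
        print(section, entries)
```

Accounts listed under `password_drift` are the ones for which a single logon entry will no longer authenticate to both networks.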

Synchronizing Directories as a Method of Shared Logon

To effectively create a fully managed single sign-on environment, the logon names and passwords on the network systems need to be synchronized. There are many ways to try to accomplish this; however, Microsoft Services for NetWare includes the Microsoft Directory Synchronization Service (MSDSS) tool, which not only maintains a link between user accounts in Active Directory and NetWare, but also synchronizes users' passwords.

MSDSS enables users to change their passwords on the NetWare system and have the password automatically replicate to the Windows system. The user can also change the password on the Windows system and have the password updated on the NetWare system. This automated synchronization of user accounts and passwords across Windows and NetWare provides an easy way for an organization to maintain common logon and password information throughout a migration process.



Microsoft Windows Server 2003 Insider Solutions
ISBN: 0672326094
EAN: 2147483647
Year: 2003
Pages: 325
