Published by Peregrine Jefferson. Modified over 9 years ago.
1
Password Management
Bill Street, Nathan Jensen, Mike Simpson, Will Peterson
Identity Management Engineering
2
© March 21, 2004 Novell Inc.
The one Net vision
one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.
Novell exteNd™, Novell Nsure™, Novell Nterprise™, Novell Ngage℠
3
The one Net vision: Novell Nsure™
Novell Nsure solutions take identity management to a whole new level. Novell Nsure gives you the power to control access so you can confidently deliver the right resources to the right people — securely, efficiently, and best of all, affordably.
4
Agenda
● Business Needs
● Password Management
● Password Policy
● Forgotten Password
● Challenge/Hint
● Self-Service Interface
● Notification Templates
● Password Sync/Set
● Universal Password
● Summary
5
Business Needs
● Reduce help desk calls related to end-user password problems
● Manage and share identity and access privileges across disparate systems and platforms
● Enforce password policy
6
Novell’s Answer to Password Management
● Password Policy
● Password Self-Service
● Forgotten password features:
– Challenge Questions
– Hints
– Set Password
● Notification Templates
● Two-Way Password Synchronization
7
Password Policy
8
What is a Password Policy?
Password policy (n): A collection of admin-defined rules that specify the criteria for creating and replacing end-user passwords.
9
Password Policies
Policies include:
● Universal Password
● Advanced Password Rules
● Forgotten Password settings
● Challenge sets
● Reset password/hint
● Assignments
10
Universal password benefits
● One password for all access to eDirectory
● Enables the use of extended characters
● Enables advanced password policies
● Reversible: synchronization of passwords from eDirectory to other systems
Attend session TUT352 for better understanding
11
What Is a Password Rule?
Rules define the criteria for acceptable passwords such as:
● Password syntax
● Password properties
● Password lifetime
● Use of special characters
● Password exclusions
12
Forgotten Password: What is it?
● Configurable content for password self-service
● Challenge Sets and selectable actions
– Show hint on page
– Allow password reset
– E-mail password to user
13
Challenge Sets: What are they?
Challenge Sets: A group of questions assigned to a password policy that are used as part of a password policy’s method of authentication.
● Admin-defined
● User-defined
● Random questions
● Mandatory questions
● Adds additional level of security
● Allows for forgotten password self-service
14
Password Policy: Assignment
Policy can be assigned to:
● user
● container
● partition
● tree
All password self-service (including forgotten password functionality) will be governed by the user’s effective policy.
15
Password Policy Demo
16
iManager Self-Service Console
17
Looking at iManager Self-Service Console
Password self-service for end-user: Challenge Sets Hint Advanced Change Password
18
Password Self-service for End-user
End-users manage password changes:
● Set hints, challenge questions/responses
● Change own password
19
Configuring Forgotten Password (End-user)
Upon authentication, the user’s challenge set may be presented for the user to configure.
20
Change Password (End-user)
If challenge questions are answered correctly, end-user may set a password that fits policy criteria.
● Change in policy voids old password
● New password must conform to rules of assigned policy
● Console displays rules to help users create compliant passwords
21
Set Password (Admin UI)
In addition to user self-service, admin and help desk can set user passwords in iManager.
22
Password Policy Demo
23
Notification Templates
24
Notification
Notification templates allow customization for forgotten password actions involving e-mail.
● e-mail hint
● e-mail forgotten password
25
What Are Notification Templates?
Notification templates (n): A collection of predefined customizable e-mail messages that are sent to end-users after a certain action is performed, e.g. password expires, synchronization failure, etc.
26
Notification Templates
Features:
● Set of 5 predefined templates
● Modifiable through administration tool
● Send messages in HTML or Text
27
Password Notification Templates
28
Modifying Templates
● Templates contain tags that act as placeholders for user information
● Message in editable HTML
29
Modifying Templates
30
Password Policy Demo
31
Password Sync
Password Synchronization
32
Password Synchronization
● Apply policy to connected systems
● Set passwords in native interfaces
● Synchronize passwords to and from numerous systems
● Required changes
● Where do I get Password management?
● Where do I get advanced password management?
33
Applying policy to connected systems
User sets password on participating systems: Active Directory, NT Domains, NIS (UNIX), eDir
Password is captured, and sent securely to the DirXML server
Conforms to Policy?
YES: Password is set on the user object in the Identity Vault. Password is distributed to associated user objects on connected systems that support subscription to the password attribute.
NO: Reset password on participating system to last “good” password. Failure notice sent via email.
34
Password flow to connected systems
1. iManager self-service console is used to enter a new password
2. Password is checked for conformance to policies
3. Password is set on the user object in the Identity Vault
4. Password is distributed to associated user objects on connected systems that support subscription to passwords
Connected systems: Active Directory, NT, NIS, eDirectory, SAP User Management, GroupWise, Lotus Notes, LDAP (such as SunOne), Relational Databases (Oracle, DB2, Sybase)
Diagram labels: User, iManager web server, DirXML
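The decision flow on slides 33 and 34, sketched as an added example that is not part of the original presentation or of any Novell product: a password captured on one system is checked against policy, then either distributed to all subscribers or rolled back to the last "good" value with a failure notice. The class, field and function names and the three rules are assumptions, and the in-memory strings stand in for a real identity vault.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    """Hypothetical stand-in for a password policy's rules."""
    min_length: int = 8
    require_digit: bool = True
    excluded: frozenset = frozenset({"password", "novell"})

    def violations(self, pw: str) -> list:
        out = []
        if len(pw) < self.min_length:
            out.append("too short")
        if self.require_digit and not any(c.isdigit() for c in pw):
            out.append("no digit")
        if pw.lower() in self.excluded:
            out.append("excluded word")
        return out

@dataclass
class Vault:
    """Toy identity vault for one user; no real directory calls."""
    policy: Policy
    password: str                                    # last "good" password
    subscribers: dict = field(default_factory=dict)  # system -> current password
    notices: list = field(default_factory=list)      # queued failure e-mails

def publish_password(vault: Vault, source: str, new_pw: str) -> bool:
    """Handle a password captured on a connected system."""
    problems = vault.policy.violations(new_pw)
    if problems:
        # NO branch: reset the source system to the last good password and
        # queue a notice; the notice names the rule broken, never the password.
        vault.subscribers[source] = vault.password
        vault.notices.append(f"{source}: rejected ({', '.join(problems)})")
        return False
    # YES branch: set on the vault object, then distribute to every subscriber.
    vault.password = new_pw
    for system in vault.subscribers:
        vault.subscribers[system] = new_pw
    return True

def demo():
    # Constructed sample data: one user, two connected systems.
    v = Vault(Policy(), "Winter2004ok", {"AD": "Winter2004ok", "NIS": "Winter2004ok"})
    v.subscribers["AD"] = "short"          # weak password set natively on AD
    rejected = publish_password(v, "AD", "short")
    ad_after_reject = v.subscribers["AD"]
    accepted = publish_password(v, "NIS", "Spring2004better")
    return rejected, ad_after_reject, accepted, v
```

The rejected change never reaches the vault or the other systems, which is what lets one policy govern passwords set through native interfaces.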
35
Enabling Universal Password
36
Diagram labels: NDS Password; Simple Password; Universal Password; Distribution Password; Password management iManager; iManager self-service console; Novell Client, Universal Password enabled; LDAP; eGuide; ConsoleOne (Universal Password enabling depends on Client or NetWare); Novell Client, not Universal Password enabled; NMAS 2.3
37
Password Set: Supported systems of Password set
Active Directory, Delimited Text, eDirectory, Exchange 5.5, GroupWise, JDBC, LDAP, Lotus Notes, NIS (UNIX), NT Domain, PeopleSoft, SAP HR, User Management of SAP Software, Schools Interoperability Framework (SIF), JMS, WebSphere MQ
38
Supported Systems of Password Sync
Sync: Drivers that support synchronizing passwords in both directions, meaning publishing from the connected system to the DirXML data store, and subscribing to passwords from the DirXML data store.
Active Directory, eDirectory, NDS, NIS, NT Domain
39
Required Changes for Universal Password Support
Upgrade the infrastructure to Universal Password versions of administration and client utilities:
● eDir 8.7.1 or later
● NMAS 2.3
● NICI 2.6.2
● LDAP server 8.7.1
● iManager 2.0.1
● Identity Manager 2 (Password Sync)
● New client 32 and NT client, or no client at all
40
Password Management: How do I get it?
Password Management features:
● Password Policy
● Forgotten password
● Hint and Challenge-Response
● Self-service
Free web download
41
Advanced Password Management: How do I get it?
● Apply Policy to connected systems
● Synchronize passwords to connected systems
● Synchronize passwords from connected systems
Included with Novell Nsure Identity Manager 2
Available via web download for free 90-day trial
42
Password Management Summary
Password Sync
– Password Policies enforced against connected systems
– Two-way sync
– Supports LDAP password change (Novell Client not required)
– Uses Universal Password
Password Policies
– Advanced Password Rules
– Forgotten Password self-service
– Challenge-Response
– Hint
– Notification Templates
43
For more information…
1R – 1T 1Q 1L 1M 1O 1N 1U
www.novell.com/nsure
To see Novell Nsure products and solutions in action, check out the following demonstrations in the BrainShare one Net Solutions Lab:
● Novell Nsure Identity Manager (formerly DirXML)
● Novell Account Management
● Novell Nsure SecureLogin
● Novell iChain
● Novell Nsure Audit
● Novell BorderManager
● Novell Nsure solutions
45
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.