Where is SSO data stored in an NT 4.0 domain environment? Is anything special required?

  • Document ID:7940226
  • Creation Date:19-Aug-2009
  • Modified Date:16-Jan-2014
    • Micro Focus Products:
      SecureLogin

Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.

Environment

SecureLogin
SecureLogin SSO
All Versions
NT 4.0


Situation

Question

In Directory configurations such as Microsoft ADS or Novell eDirectory SecureLogin data is stored in the Directory schema. Where is the data stored in NT 4.0 domain environments?

Resolution

Answer

In NT 4.0 domain environments, SecureLogin data such as SSO enabled applications, settings and the user’s passphrase is encrypted and stored in the file system as *.SCS files.

User specific data such as their passphrase, usernames and passwords to applications and any user specific settings and applications is stored in the user’s home drive.

To ensure this is possible the following must be true:

  • The user has a drive mapped rooted to their home directory e.g. \servernameusershome
  • The user has the environment variable HOMEDRIVE set to the drive letter of the home drive
  • The user has the environment variable HOMEPATH set to the user’s name (%USERNAME%)

The environment variables can be viewed by typing ""SET"" in the command prompt. They are typically set in the login script.

Corporate SecureLogin data such as SSO enabled applications, settings and password policies is stored on the server. It must be stored in a location that all users who require it have read access to (e.g. a public directory).

The .SCS file for corporate/group data is created using SecureLogin Manager, which comes with the SecureLogin NT 4.0 client.

To configure users to read a particular SCS file for their SecureLogin data, you must specify the file name of the appropriate .SCS file with the following registry setting (or in the command line etc. if SecureLogin is being loaded some other way):

HKLMSoftwareMicrosoftWindowsCurrentVersionRunSecureLogin ""SLProto.Exe x:scriptname.scs""

When it starts, SecureLogin reads both the user and corporate .SCS files and loads the SSO enabled applications, settings, password policies, usernames and passwords etc. User specific settings override corporate settings. If you have made settings on the user object, these will override corporate settings in the .SCS file that is read when SLProto.Exe is started.

Contact ActivIdentity Suport for an up to date statement regarding NT 4.0 support (considering it is no longer supported by Microsoft).