What is the best way to deploy the SecureLogin client?

Question

What is the best way to deploy the SecureLogin client?

Answer

SecureLogin comes as an MSI package and can be easily installed on client workstations using any software deployment method such as SMS, IBM Tivoli and Novell ZENWorks. It can also be deployed using msiexec (see the KBase article on MSI switches).

Once the client is installed on the workstation, it reads the SSO configuration from the Directory, including SSO enabled applications, password policies and preferences, and applies it immediately.

Configuration changes can be made at a later stage and will be automatically downloaded to the client. For example, if the project team changes their mind about a preference it can be centrally altered and will be synchronized to users’ desktops.

Some organizations choose to deploy the client but only run SecureLogin Single Sign-on if the user is a member of the SSO group (for example). This means the client can be quickly deployed to all workstations but only starts for users that have specifically been granted access.

In addition, tools are provided to assist you with mass deployment, including a staged approach. For example, you could easily copy your Single Sign-on configuration including which applications are enabled, password policies and preferences from OU=NewYork to OU=Munich using the Microsoft Management Console, and all users residing in OU= Munich and below would automatically inherit the configuration. You can also provision application credentials (e.g. username, password, database name, IP Address, PIN) using the API.