White Paper. Software version: 5.0 www.wmsoftware.com



Similar documents
Quick Install Guide - Safe AutoLogon For First-time Users - Installing and Running the Software. Published: February 2013 Software version: 5.

Troubleshooting File and Printer Sharing in Microsoft Windows XP

Hyper-V Server 2008 Setup and Configuration Tool Guide

Version 3.8. Installation Guide

Lepide Active Directory Self Service. Installation Guide. Lepide Active Directory Self Service Tool. Lepide Software Private Limited Page 1

File and Printer Sharing with Microsoft Windows

Dell Statistica Statistica Enterprise Installation Instructions

How to Secure a Groove Manager Web Site

Technical Brief for Windows Home Server Remote Access

How To Set Up A Load Balancer With Windows 2010 Outlook 2010 On A Server With A Webmux On A Windows Vista V (Windows V2) On A Network With A Server (Windows) On

Quick Start Guide for Parallels Virtuozzo

Hands-On Lab: WSUS. Lab Manual Expediting WSUS Service for XP Embedded OS

Lab Answer Key for Module 9: Active Directory Domain Services. Table of Contents Lab 1: Exploring Active Directory Domain Services 1

CRM to Exchange Synchronization

Pipeliner CRM Phaenomena Guide Add-In for MS Outlook Pipelinersales Inc.

WINDOWS 7 & HOMEGROUP

CRM to Exchange Synchronization

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started

Windows Small Business Server 2003 Upgrade Best Practices

Management Reporter Integration Guide for Microsoft Dynamics AX

Quick Start Guide for VMware and Windows 7

Pearl Echo Installation Checklist

Windows BitLocker Drive Encryption Step-by-Step Guide

CONFIGURING MICROSOFT SQL SERVER REPORTING SERVICES

Lab Answer Key for Module 6: Configuring and Managing Windows SharePoint Services 3.0. Table of Contents Lab 1: Configuring and Managing WSS 3.

Dell Spotlight on Active Directory Deployment Guide

Server Installation Guide ZENworks Patch Management 6.4 SP2

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

Pipeliner CRM Phaenomena Guide Administration & Setup Pipelinersales Inc.

Microsoft Business Solutions Navision 4.0 Development I C/SIDE Introduction Virtual PC Setup Guide. Course Number: 8359B

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

Symantec AntiVirus Corporate Edition Patch Update

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

The 2007 R2 Version of Microsoft Office Communicator Mobile for Windows Mobile: Frequently Asked Questions

Pipeliner CRM Phaenomena Guide Getting Started with Pipeliner Pipelinersales Inc.

EventTracker: Support to Non English Systems

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

NTP Software File Auditor for Windows Edition

INSTALLING MICROSOFT SQL SERVER AND CONFIGURING REPORTING SERVICES

Windows Server Update Services 3.0 SP2 Step By Step Guide

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

Deploying the Workspace Application for Microsoft SharePoint Online

Lepide Event Log Manager. Users Help Manual. Lepide Event Log Manager. Lepide Software Private Limited. Page 1

Lepide Software. LepideAuditor for File Server [CONFIGURATION GUIDE] This guide informs How to configure settings for first time usage of the software

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet

HYPERION SYSTEM 9 N-TIER INSTALLATION GUIDE MASTER DATA MANAGEMENT RELEASE 9.2

OPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering

Sophos Anti-Virus standalone startup guide. For Windows and Mac OS X

Administrators Help Manual

SafeNet Authentication Manager Express. Upgrade Instructions All versions

Data Collection Agent for Active Directory

Project management - integrated into Outlook

RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

Diamond II v2.3 Service Pack 4 Installation Manual

AD RMS Step-by-Step Guide

How to Install MS SQL Server Express

Quick Start Guide For Ipswitch Failover v9.0

SQL Server 2008 R2 Express Installation for Windows 7 Professional, Vista Business Edition and XP Professional.

Lab Answer Key for Module 1: Installing and Configuring Windows Server Table of Contents Lab 1: Configuring Windows Server

DCOM Configuration for Windows NT4, Windows 2000, Windows XP, and Windows XP Service Pack 2

DESlock+ Basic Setup Guide ENTERPRISE SERVER ESSENTIAL/STANDARD/PRO

MBAM Self-Help Portals

Introduction to Hyper-V High- Availability with Failover Clustering

Microsoft Corporation. Status: Preliminary documentation

Symantec Backup Exec TM 11d for Windows Servers. Quick Installation Guide

Core Protection for Virtual Machines 1

Dell Statistica Document Management System (SDMS) Installation Instructions

TrueEdit Remote Connection Brief

Update and Installation Guide for Microsoft Management Reporter 2.0 Feature Pack 1

Version 5.0. SurfControl Web Filter for Citrix Installation Guide for Service Pack 2

EventTracker Enterprise v7.3 Installation Guide

Connection Broker The Leader in Managing Hosted Desktop Infrastructures and Virtual Desktop Infrastructures (HDI and VDI) DNS Setup Guide

Hyper-V Server 2008 Getting Started Guide

Microsoft FTP Configuration Guide for Helm 4

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0

formerly Help Desk Authority Upgrade Guide

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

PHD Virtual Backup for Hyper-V

How to Install Microsoft Mobile Information Server 2002 Server ActiveSync. Joey Masterson

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide

Lepide Event Log Manager: Installation Guide. Installation Guide. Lepide Event Log Manager. Lepide Software Private Limited

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

Active Directory Reporter Quick start Guide

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

How To- Create Local Account and Active Directory Authentication EventTracker Enterprise

Enterprise Manager. Version 6.2. Installation Guide

NetWrix Account Lockout Examiner Version 4.0 Administrator Guide

Matisse Installation Guide for MS Windows. 10th Edition

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

Management Reporter Integration Guide for Microsoft Dynamics GP

Pipeliner CRM Phaenomena Guide Sales Pipeline Management Pipelinersales Inc.

High Availability Setup Guide

Polar Help Desk Installation Guide

Installing CaseMap Server User Guide

DriveLock Quick Start Guide

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

Transcription:

Safe AutoLogon Password Server Using Safe AutoLogon Password Server to manage Safe AutoLogon clients for seamless and centrally managed automatic logons White Paper Software version: 5.0 www.wmsoftware.com

Contents Introduction... 1 Safe AutoLogon... 1 A Complete Solution: Safe AutoLogon + Safe AutoLogon Password Server... 2 Installing an SRV record for the SALPS on DNS... 3 Installing and Configuring the SALPS Software... 4 Safe AutoLogon client Installation and Configuration... 6 Hardware and Software Requirements... 7

Introduction Since Microsoft Windows NT, there has always been a way of automating the logon process by storing the username, password, and domain name in the registry database. This feature permits other users to start the computer and to use the account in the registry database to automatically log on. The registry key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon) that stores this information is remotely readable by the Authenticated Users group. However, using this feature can pose a serious security risk because the username, password, and domain name are all stored in unencrypted clear text, making it relatively easy for anyone to see. Another problem arises when a user wants to bypass the automatic logon. The user can bypass automatic logon by holding down the SHIFT key as Windows is starting. The problem of bypassing the automatic logon feature is that the original DefaultUserName is no longer kept for subsequent logons, because the name of the last user to logon is retained in the Username box of the Welcome dialog box and the Registry. To reenable the automatic logon once again, the original username and password must be entered again in the registry. Safe AutoLogon To enable automatic logon, WM Software created Safe AutoLogon. This software product stores the username, password, and domain in a AES/Triple DES encrypted format using the maximum encryption the operating system is capable of, typically 256-bit. This high-strength encryption keeps the logon information safe from spy ware, viruses, mal ware, or malicious users that try and gain access to the logon information. The one issue for Enterprise customers wanting to enable automatic logon has been keeping the passwords synchronized while avoiding the labor intensive process of manually updating each Safe AutoLogon client. One way to automate this password updating is to use a logon script that contains the encrypted password string and updates the registry. However, the computer must be logging in with the very username that has had their password changed, so that option is unavailable. Another way to automate the password updating is to update through the remote registry connection, but this is both manually intensive and it also requires the computer to be turned on and not logged on with the old password. Fig 1. The main Safe AutoLogon client screen. The user selections are in the Options section. Another issue is how to handle computers that are not powered on for a time period after the password change has taken place. Configuring Safe AutoLogon Password Server 1

A Complete Solution: Safe AutoLogon + Safe AutoLogon Password Server To address the needs of the Enterprise, WM Software has created a product to manage clients running Safe AutoLogon, Safe AutoLogon Password Server (SALPS). This software solution allows Safe AutoLogon clients to retrieve their password automatically from a central database before the automatic logon even takes place. It also remotely manages software installs and settings for Safe AutoLogon clients, and can enable companies to follow their internal password policies and HIPAA compliance very easily. The SALPS software can be installed on any Windows server, including Windows 2003, Windows 2008, Windows 2008 R2, or Windows 2012 server. The process the Safe AutoLogon client uses to logon is as follows: 1. Before logon, the client contacts a SALPS server and sends to the SALPS server the encrypted user logon name and domain. 2. The SALPS server replies with the encrypted password. 3. The Safe AutoLogon client uses this new password to proceed with the automatic logon. Fig 2. The SALPS and the Safe AutoLogon client interact before the automatic logon occurs. It is recommended to have 2+ SALPS servers on the network to ensure successful logons. The SALPS server stores the user logon names and passwords for the Safe AutoLogon clients. It can also replicate with other SALPS servers. The database is also 256-bit AES encrypted. At the Safe AutoLogon client, the names of the SALPS servers are stored. These are saved in the Safe AutoLogon settings so, at boot, the Safe AutoLogon client knows the SALPS server names that contain the password for the given logon name. Configuring Safe AutoLogon Password Server 2

Installing an SRV record for the SALPS on DNS After installing the SALPS, you then register the computer running SALPS in DNS using an SRV record. Computers that startup and login will then know where the SALPS server is located, as they look for the _wmssalps salps SRV record using DNS. Here are the steps to manually add an SRV record to a Windows Active Directory computer running DNS. The following steps are taken from a Windows Server 2003 DNS server. These steps may vary on other operating systems - contact your domain administrator if necessary. 1. From Start/Run, type in dnsmgmt.msc and press OK 2. Left-click on _tcp under DNS\[server_name [server_name]\forward Lookup Zones\[fqdn] 3. Right-click on _tcp and choose Other New Records 4. Choose Service Location (SRV) and press Create Record 5. Fill in the following fields and then press OK (See Fig 4) a. Service: _wmssal salps b. Protocol: _tcp c. Port number: 445 d. Host offering this service: [fqdn_of_salps fqdn_of_salps_server_name] _server_name] 6. Press OK and then Done. Now the clients will be able to find the host LAS server: Fig 3. DNS SRV record on Windows Server 2008 Configuring Safe AutoLogon Password Server 3

Installing and Configuring the SALPS Software To install and configure the Safe AutoLogon Password Server software: 1. Decide and identify which server(s) on the domain are available 24x7 to handle the logons of Safe AutoLogon client computers. Ideally, there should be 2+ servers identified as SALPS servers. Additionally, the SALPS servers must reside on a domain member server. 2. Install the Safe AutoLogon Password Server software on the first server decided in step 1. 3. First things first: Add users and set passwords. Click on the Manage Users tile. To add users, either type in a username, import a list of users, or select an existing Active Directory group, and add them to the list. Then, enter the user s password, or set a new password and check Send to AD. This is the username that will be used on Safe AutoLogon client(s). See Figure 4. 4. Next, setup Safe AutoLogon client computers. Click on the Safe AutoLogon Clients tile. First, add a group, then add computers to put into the group. Check all of the computers and click Refresh to verify clients can have SAL remotely installed and configured. See Figure 5. Fig 4. The SALPS software showing the username and other SALPS servers. Each username has its own password and domain associated with it. Fig 5. All usernames are shown here. Be sure to check Send to AD so Active Directory receives the password changes. Configuring Safe AutoLogon Password Server 4

5. Finally, remotely install the Safe AutoLogon software on the client computers. Click on the Safe AutoLogon Clients tile. Create a Group, then add one or more computers where you want to install Safe AutoLogon. Click on the newly created group and check the computers to install Safe AutoLogon. Next, click the Software icon to install the software to the checked clients in the list. You can optionally reboot the clients if you d like. See Figure 6. Fig 6. Add groups and clients here. You can also install or uninstall software, reboot the client computers, and change the settings. Configuring Safe AutoLogon Password Server 5

Safe AutoLogon client Installation and Configuration You can configure the SALPS server on the client (with username) directly from the SALPS software console. If you do want to manually configure Safe AutoLogon at the client computer, though, setup the SALPS server(s) as follows: 1. Configure the Password Servers settings (Options/Settings/Password Servers - see Figure 7). 2. Choose where the SALPS software are located (on Domain Controllers or other servers) 3. Enter the SALPS server names in the list. 4. Choose the action to take if Safe AutoLogon is unable to connect tot he SALPS servers. Fig 7. In this configuration, the SALPS servers are listed. Also, this client will not use the information stored locally if no SALPS servers are available. This is an administrative decision; the username could get locked out of the domain if too many unsuccessful logon attempts are made. Configuring Safe AutoLogon Password Server 6

Hardware and Software Requirements The following hardware and software requirements are necessary to use this software: Operating System. Safe AutoLogon Password Server: Windows Server 2003 with Service Pack 2 or later, Windows Server 2008 with Service Pack 1 or later, Windows Server 2008 R2, Windows 8, Windows Server 2012. Safe AutoLogon client: Windows XP Professional with Service Pack 3 or later, Windows Vista with Service Pack 1 or later, Windows 7, or Windows 8, including Windows Servers as listed for the Safe AutoLogon Password Server above. Hardware. A system with at least 4GB of RAM. The client consumes approximately 10MB RAM and 20MB of storage space. The Safe AutoLogon software and the Safe AutoLogon Password Server software are patent-pending and developed exclusively by WM Software. The information contained in this document represents the current view of WM Software Corporation on the issues discussed as of the date of publication. Because WM Software must respond to changing market conditions, it should not be interpreted to be a commitment on the part of WM Software, and WM Software cannot guarantee the accuracy of any information presented after the date of publication. This white paper is for informational purposes only. WM SOFTWARE MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of WM Software Corporation. WM Software may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from WM Software, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. WM Software Corporation. All rights reserved. Microsoft, Windows, and the Windows logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners. Configuring Safe AutoLogon Password Server 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information