Lenovo ThinkPad T400 (English) Hardware Password Manager Deployment Guide - Page 14

Migrating to a new LDAP server, Installing Hardware Password Manager on a Lenovo device, Install - user guide

Get Lenovo ThinkPad T400 PDF manuals and user guides View all Lenovo ThinkPad T400 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

3. Run the ThinkManagement Console Autorun.exe from the location where the installation package was extracted to. Select Install on the core server. Follow the prompts in the Installation wizard and select Restart Now after installation. 4. Activate the core server by entering your LANDesk contact name and password in the Core Server Activation Utility (internet connection required). 5. Configure the LDAP Server: a. Connect the HARDWARE PASSWORD MANAGER server and LDAP Authentication server to network. b. Launch the ThinkManagement Console. c. In the toolbox, there is a ThinkVantage Hardware Password Manager group with three items: HPM Enrolled Users, HPM Groups, and Remote Actions and Policy Settings. Click HPM Groups and then click Configure LDAP server (the third button) on the toolbar. d. Enter the information for the LDAP server that will serve as the authentication server. The following items need to be defined for the LDAP server: • Hostname: The name of the LDAP server. • Port: The port number to communicate with the server. The default port is 389 for Microsoft Active Directory. If you need to query a global catalog to access multiple Active Directory domains, change the port to 3268. If you select Novell eDirectory as your LDAP server, the default port is 636. • Server type: Select the type, either Microsoft Active Directory or Novell eDirectory. • Encryption type: Select the type of encryption used for communication with the server. • Authorized user: - The user name for logging in to the Microsoft Active Directory server. - A domain\user name or simply a user name. - The user name for logging in to a Novell eDirectory server. Note: It is better to use cn=admin name, o=admin context. If Bind Restrictions is set to None, admin name.admin context will work. If Bind Restrictions is set to Disallow anonymous simple bind, admin name.admin context will not work. - Password: The password for the authorized user on the LDAP server. e. Click OK when the information is complete. ThinkManagement Console core server setup completes now. Migrating to a new LDAP server You may find that you need to change the IP address or hostname of your LDAP server. You may also need to change to a new server with a different IP address, or even change to a different type of LDAP server. If any of these changes occurs, you need to create a new LDAP server configuration. To do this, repeat the LDAP configuration task in step 5 . It is recommended that existing registered HPM devices be deregistered and then registered once again with the new LDAP configuration. Otherwise, the devices registered with the old LDAP configuration will not be able to perform various HPM actions such as an intranet account login. Installing Hardware Password Manager on a Lenovo device To add Hardware Password Manager features to a Lenovo device, you must deploy an HPM agent to the device. You can do this by using either a push or a pull method. To deploy an agent with Hardware Password Manager client features: 6 Hardware Password Manager Deployment Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
3. Run the ThinkManagement Console Autorun.exe from the location where the installation package was
extracted to. Select
Install
on the core server. Follow the prompts in the
Installation
wizard and
select
Restart Now
after installation.
4. Activate the core server by entering your LANDesk contact name and password in the Core Server
Activation Utility (internet connection required).
5. Configure the LDAP Server:
a.
Connect the HARDWARE PASSWORD MANAGER server and LDAP Authentication server to network.
b. Launch the ThinkManagement Console.
c.
In the toolbox, there is a ThinkVantage Hardware Password Manager group with three items: HPM
Enrolled Users, HPM Groups, and Remote Actions and Policy Settings. Click
HPM Groups
and then
click
Configure LDAP server
(the third button) on the toolbar.
d. Enter the information for the LDAP server that will serve as the authentication server. The following
items need to be defined for the LDAP server:
Hostname:
The name of the LDAP server.
Port:
The port number to communicate with the server. The default port is 389 for Microsoft
Active Directory. If you need to query a global catalog to access multiple Active Directory
domains, change the port to 3268. If you select Novell eDirectory as your LDAP server, the
default port is 636.
Server type:
Select the type, either Microsoft Active Directory or Novell eDirectory.
Encryption type:
Select the type of encryption used for communication with the server.
Authorized user:
The user name for logging in to the Microsoft Active Directory server.
A domain\user name or simply a user name.
The user name for logging in to a Novell eDirectory server.
Note:
It is better to use cn=admin name, o=admin context. If Bind Restrictions is set to None,
admin name.admin context will work. If Bind Restrictions is set to Disallow anonymous simple
bind, admin name.admin context will not work.
Password: The password for the authorized user on the LDAP server.
e.
Click
OK
when the information is complete.
ThinkManagement Console core server setup completes now.
Migrating to a new LDAP server
You may find that you need to change the IP address or hostname of your LDAP server. You may also need
to change to a new server with a different IP address, or even change to a different type of LDAP server.
If any of these changes occurs, you need to create a new LDAP server configuration. To do this, repeat the
LDAP configuration task in step 5 . It is recommended that existing registered HPM devices be deregistered
and then registered once again with the new LDAP configuration. Otherwise, the devices registered with the
old LDAP configuration will not be able to perform various HPM actions such as an intranet account login.
Installing Hardware Password Manager on a Lenovo device
To add Hardware Password Manager features to a Lenovo device, you must deploy an HPM agent to the
device. You can do this by using either a push or a pull method.
To deploy an agent with Hardware Password Manager client features:
6
Hardware Password Manager Deployment Guide