|
 SecureDoc Installation - Online Password Recovery
| SecureDoc Configuration - Building Profiles
|
SecureDoc Configuration - Basics, Admins & Imports |
| |
|
|
Basic Configuration of SES |
Before we can start to use SES, we need to define the basic settings of SecureDoc Enterprise Server. Therefore we open the management console and authenticate to the master key file. We open the basic configuration box and come to the pages in our configuration box:
On the general page, we can set up the basic server behavior, password rules, token protection and the communication between clients and server. The settings on the general page are the defaults for new client profiles and can be overruled by them if necessary.
|
|
|
|
- a detailed step-by-step guide made by us is available for customers and interested parties - contact us
-
|
Import of users and groups from AD |
Our user database is empty at this point. We do have several options to populate them with users, groups and organizational units.
• We can create them manually
• We can create them automatically during the first logon of the user, after client software installation (not much control)
• We can import them from any LDAP directory
In our sample installation we decide to import them from Active Directory.
Now we have to decide about, if the administrative structure of AD is usable for the SES administration. Is the AD clean and clear structured, are there naming conventions in place (and followed also), do group membership and organization units comply to the real structure of the company, then we can import groups and containers also. If the AD structure is a mess or follows other criteria, then we import the user objects only.
We log on to the SD Connex server:
Start –All Programs – SecureDoc Enterprise Server – AD Import Utility
Immediately after the start of the program, we get into the LDAP setup of SD Active Directory sync. We check the settings and confirm with „ok“
.....
|
|
|
|
- a detailed step-by-step guide made by us is available for customers and interested parties - contact us
-
|
Setting up additional Administrators |
Before we start with the client rollout, we need to delegate the administration of SES, user settings and computer configuration in the several sites. This can be done at any time, but it would be wise to have a local administrator or helpdesk account ready before the installation of clients start to help, just to have a supporter available in case something happens during
encryption or immediately after.
In our sample installation, we create a second SES admin with full permission. As this is a lab installation and there is no real delegation, we just take the domain admin account...
Optional: If we want to use this account as an emergency account during client installation, we have to create a digital certificate first. In our sample installation, this is a ‘smartcard user’ certificate, issued by the AD domain integrated certification authority. This certificate was exported to the local hard disk of the SES server. Certificate and private key are stored on a
smartcard G&D Starcos SPK 2.3.
We open the management console and authenticate to our master key file Then we navigate to our admin account and right click on it.
We choose „Generate new keys for the user“
„ok“
.....
|
|
|
|
- a detailed step-by-step guide made by us is available for customers and interested parties - contact us
-
|
|
|
|
 |
- a detailed step-by-step guide made by us is available for customers and interested parties - contact us
- |
|
|
|
