Home > Articles

  • Print
  • + Share This
This chapter is from the book

Creating a Single Sign-on Environment

Allowing access to the network and system resources by entering a single username and password is the holy grail of the network administrator. Using certificate services and smartcard devices can make this goal a reality.

The new Active Directory credential manager provides a secure store for user's X.509 certificates when used in conjunction with Windows XP credential management, which has three components; credential prompting user interface, stored user names and passwords, and a keyring to store PKI certificates. Together these infrastructure components form a single sign-on solution.

Consolidating Directories

If feasible, a company can standardize on Windows Server 2003 Active Directory. Consolidate LDAP directories. Active Directory can become the single repository for the company's users, machines, log-in credentials, and contact information.

Consolidating Applications

Security requirements on applications can be quite numerous. Inventory the current applications and their business purposes and security requirements. After administrators take the inventory of all the applications in the company some can be absorbed into other applications. Many applications are reliant on their underlying file system structure for their security. By reducing the number of applications and securing fewer network shares you can more easily allow and track access to those applications.

  • + Share This
  • 🔖 Save To Your Account