Installation guide
Prepare for Password Services
Chapter 1: Preparation 23
Agent Configuration Parameters Required for IIS Web Agents
In addition to the parameters required by all Agents, IIS Web Agents may need
to have values set for the following parameters in certain circumstances:
DefaultUsername
Specifies the name of a Windows user that is used to access IIS
resources as a proxy user. When users want to access resources on an
IIS web server protected by SiteMinder, they may not have the
necessary server access privileges. For example, if users are stored in an
LDAP user directory on a UNIX system, those users may not have access
to the Windows system with the IIS web server.
The Web Agent must use this NT user account, which is assigned by an
NT administrator, to act as a proxy user account for users granted access
by SiteMinder.
Default: No default
DefaultPassword
Specifies a default password for the associated Windows user that is
used to access IIS resources as a proxy user.
Important! If you want to encrypt this parameter, set it centrally in the
Agent Configuration Object. If this parameter is set in a local
configuration file, it will not be encrypted and will be less secure.
Default: No default
When users want to access resources on an IIS web server protected by
SiteMinder, they may not have the necessary server access privileges. The Web
Agent must use this NT user account, which is assigned by an NT administrator,
to act as a proxy user account for users granted access by SiteMinder.
Do not specify values for each of the previous parameters if you plan to do either
of the following:
■
Use the NTLM authentication scheme.
■
Enable the Windows User Security Context feature.
More information:
How to Configure a SiteMinder Web Agent on IIS 6.0 (see page 91)
Prepare for Password Services
The following sections discuss prerequisites and guidelines for password
services.