Management and Security Server Administrator Guide

  Management and Security Server Administrator Guide
      About the MSS Administrative Console
      About Add-On Products
    About Management and Security Server 12.8
    Manage Sessions
      Add and Launch a session
        Host Access for the Cloud
        Reflection/InfoConnect Desktop
        Reflection/InfoConnect Desktop - Workspace Automated Sign-on
        Reflection for the Web
        Rumba+ Desktop
      After the session is launched
      Manage saved sessions
        Edit a session
        Copy a session
        Delete a session
        Export a Reflection for the Web session
    Manage Packages
      Configure a Package
      Upload or Update a Package
    Assign Access
      Search & Assign
      Currently Assigned
      Providing Access to Assigned Sessions
    Configure Settings
      General Settings
      General Security
        Server access protocol
        Restrict administrator account
        Change administrator password
        Require new login
        Smart card settings
        Certificate chooser prompt
        Enable identity verification
        Change keystore password
        PKI Server
      Secure Shell
        Administer the Management and Security Server Certificate
        Administer Shared Client Certificate
        Other certificates
      Trusted Certificates
      Credential Store (Reflection for the Web)
      Security Proxy Server
      Authentication & Authorization
        Choose Authentication Method
        Choose Authorization Method
        LDAP Server Configuration
        Single Sign-on through IIS
        Windows Authentication - Kerberos
          Limitations, Requirements, Terminology
          Enabling Kerberos
          Configuring Kerberos
          Configuring Kerberos for Clustered Servers
          Troubleshooting Kerberos Configuration
          Upgrading MSS: Considerations for Kerberos
          Disabling Kerberos
        Windows Authentication - NTLMv2 (deprecated)
          Configure Windows Authentication - NTLMv2 (without LDAP)
          Use LDAP to restrict access to Window Authentication - NTLMv2 sessions
          Adding Another Server for Windows Authentication NTLMv2
        X.509 Configuration
        SiteMinder Configuration
        Micro Focus Advanced Authentication
        SAML Authentication
          SAML Configuration steps
      Product Activation
        Install an additional product
        Complete the activation
      Automated Sign-On for Mainframe
        Automated Sign-on for mainframe sessions
        DCAS Servers
        Secondary LDAP directory
        User Principal Name (UPN)
        Search filter used with secondary LDAP directory
        Check the client settings
      Terminal ID Manager
        Configuring Clustering
        Using a Load Balancer
        Upgrading Servers in a Cluster
        When using a Security Proxy
        Troubleshooting Clustering
    Run Reports
      Log File Viewer Reports
      Usage Metering Reports
      Security Proxy Server Reports
      Assigned Access Reports
      Credential Store Reports (Reflection for the Web)
    Technical References
      Using the Security Proxy Server
      Security Overview
      Credential stores used in MSS
        Stores used by MSS in MSSData/trustedcerts
        Keychain in MSSData
        Stores located in server/etc
        Stores used by Security Proxy in proxyserver/keystores
        cacerts in jre/lib/security/cacerts
      X.509 Certificates - Setup Requirements
      Using Log Viewer
        To use the Log Viewer
          Other Features
          Changing Logging Options
            An example using
          Gathering Log Files to View on another Server or to Send to Technical Support