Single Sign On Blank Title 62173

<html

#ygrps-yiv-983901352 .ygrps-yiv-983901352ygrp-photo-title { TEXT-ALIGN:center;WIDTH:75px;HEIGHT:15px;CLEAR:both;FONT-SIZE:smaller;OVERFLOW:hidden;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352ygrp-photo { BORDER-BOTTOM:black 1px solid;BORDER-LEFT:black 1px solid;BACKGROUND-COLOR:white;WIDTH:62px;BACKGROUND-REPEAT:no-repeat;BACKGROUND-POSITION:center 50%;HEIGHT:62px;BORDER-TOP:black 1px solid;BORDER-RIGHT:black 1px solid;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352photo-title A { TEXT-DECORATION:none;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352photo-title A:active { TEXT-DECORATION:none;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352photo-title A:hover { TEXT-DECORATION:none;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352photo-title A:visited { TEXT-DECORATION:none;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352attach-table DIV.ygrps-yiv-983901352attach-row { CLEAR:both;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352attach-table DIV.ygrps-yiv-983901352attach-row DIV { FLOAT:left;} #ygrps-yiv-983901352 P { PADDING-BOTTOM:3px;PADDING-LEFT:0px;PADDING-RIGHT:0px;CLEAR:both;OVERFLOW:hidden;PADDING-TOP:15px;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352ygrp-file { WIDTH:30px;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352attach-table DIV.ygrps-yiv-983901352attach-row DIV DIV A { TEXT-DECORATION:none;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352attach-table DIV.ygrps-yiv-983901352attach-row DIV DIV SPAN { FONT-WEIGHT:normal;} #ygrps-yiv-983901352 DIV.ygrps-yiv-983901352ygrp-file-title { FONT-WEIGHT:bold;}

----- Original Message -----

From: Ned

To: vantage@yahoogroups.com

Sent: Wednesday, February 12, 2014 7:11 AM

Subject: RE: [Vantage] Single Sign On

1 – Add Domain and Domain Username to a user’s record.

2- Edit the .mfgsys config file for the client from <singlesignon value=”false” bool=”” />  to <singlesignon value=”true” bool=”” />  

 

That should take care of it for you.

 

 

From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf Of Charles Carden
Sent: Wednesday, February 12, 2014 9:58 AM
To: vantage@yahoogroups.com
Subject: [Vantage] Single Sign On

 

I suppose I do not understand how single sign on works as I have not been able to get it to.  Would someone please explain the steps necessary to get single sign on to work.  We are on 9.05.702a although I don't think that makes any difference in the setup procedures.

 

 Thank you.

 

Charles Carden

No virus found in this message.
Checked by AVG - www.avg.com
Version: 2014.0.4259 / Virus Database: 3697/7086 - Release Date: 02/12/14

We have our active directory setup so that our users must change their
passwords every 90 days. Apparently, Vantage does not see this change.
Do we honestly have to zero out everyone's password each time they
change their windows password, so that they stay matched? Are there any
other options other than removing the 90-day password change?



Matt Caldwell
Technical Support Analyst

KERUSSO
P.O. Box 32
Berryville, AR 72616
Phone: 800-424-0943 Ext. 231
Fax: 870-423-3568
Web Site: http://www.kerusso.com
******************************************************************
CONFIDENTIALITY STATEMENT:
This message, from Kerusso Inc., contains information
which is privileged and confidential and is solely for the use of
the intended recipient. If you are not the intended recipient, be
aware that any review, disclosure, copying, distribution, or use
of the contents of this message is strictly prohibited. If you have
received this in error, please destroy it and notify us immediately
at: 800-424-0943
******************************************************************





[Non-text portions of this message have been removed]

We are on Vantage 6.1 and the user can change the Vantage password by clicking on "options" and then "change password".

Our users normally have a different user and password for Vantage vs the domain logon.

FYI
Paul Lipham
Alabama Specialty Products, Inc.

________________________________
From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf Of Matt Caldwell
Sent: Monday, January 28, 2008 8:52 AM
To: vantage@yahoogroups.com
Subject: [Vantage] Single Sign On


We have our active directory setup so that our users must change their
passwords every 90 days. Apparently, Vantage does not see this change.
Do we honestly have to zero out everyone's password each time they
change their windows password, so that they stay matched? Are there any
other options other than removing the 90-day password change?

Matt Caldwell
Technical Support Analyst

KERUSSO
P.O. Box 32
Berryville, AR 72616
Phone: 800-424-0943 Ext. 231
Fax: 870-423-3568
Web Site: http://www.kerusso.com
******************************************************************
CONFIDENTIALITY STATEMENT:
This message, from Kerusso Inc., contains information
which is privileged and confidential and is solely for the use of
the intended recipient. If you are not the intended recipient, be
aware that any review, disclosure, copying, distribution, or use
of the contents of this message is strictly prohibited. If you have
received this in error, please destroy it and notify us immediately
at: 800-424-0943
******************************************************************

[Non-text portions of this message have been removed]



[Non-text portions of this message have been removed]

I'm not 100 % sure, but I believe that the single sign on feature
effectively eliminates the password checking. Instead it makes the
assumption that if your domain username (on the PC your running
Vantage from)is authenticated by the domain controller, then no
password check is performed.

The Epicor support docs for single sign on are pretty sketchy. There
are several settings, that kind of work together. They are:

1) The "Domain", "Domain UserID", and "Require Single Sign On" fields
in the "User Security" window.

2) The "Require Single Sign On" check box on the "User" tab in
the "ConfigEditor" utility program.

3) The "UserID & UserPassword" textboxes on the "User" tab in
the "ConfigEditor" utility program.

The ConfigEditor program is in the client folder on the client PC
(mine is in C:\client803\client). And for whatever reason, the
ConfigEditor program always starts up minimized. So look in the
Windows task bar, after you've double clicked it.

If I setup the Users settings(from #1 above), set the Require Single
Sign On check box (from #2 above), and leave the items from #3 blank
it seems to work.


Calvin

--- In vantage@yahoogroups.com, "Matt Caldwell" <matt@...> wrote:
>
> We have our active directory setup so that our users must change
their
> passwords every 90 days. Apparently, Vantage does not see this
change.
> Do we honestly have to zero out everyone's password each time they
> change their windows password, so that they stay matched? Are
there any
> other options other than removing the 90-day password change?
>
>
>
> Matt Caldwell
> Technical Support Analyst
>
> KERUSSO
> P.O. Box 32
> Berryville, AR 72616
> Phone: 800-424-0943 Ext. 231
> Fax: 870-423-3568
> Web Site: http://www.kerusso.com
> ******************************************************************
> CONFIDENTIALITY STATEMENT:
> This message, from Kerusso Inc., contains information
> which is privileged and confidential and is solely for the use of
> the intended recipient. If you are not the intended recipient, be
> aware that any review, disclosure, copying, distribution, or use
> of the contents of this message is strictly prohibited. If you have
> received this in error, please destroy it and notify us immediately
> at: 800-424-0943
> ******************************************************************
>
>
>
>
>
> [Non-text portions of this message have been removed]
>

First, you need to understand the EPICOR definition of Single Sign-on
is not the traditional definition. They mean...when you check the
Single Sign-on box, you can open up on 1 single session of Vantage
for that user-id.

When starting the Vantage application, you will always be required to
somehow enter the User ID / Password established in the Vantage
security model. To ease this process for the user, you get
Vantage "cut and paste" the UI from the Windows client, or you can
create, either an INI file for Registry entry (I can't remember which
one) to hold this information which will then allow the user to start
up automatically. In either case, passwords are stored in plain text
and are in no way integrated with MS Active Directory. So if your
domain PW changes, you have to change to Vantage PW manually to keep
them in synch.

We understand EPICOR is planning to MS AD integration for Version 9.0
but don't be fooled now, it does not exist.

--- In vantage@yahoogroups.com, "Calvin Krusen" <ckrusen@...> wrote:
>
> I'm not 100 % sure, but I believe that the single sign on feature
> effectively eliminates the password checking. Instead it makes the
> assumption that if your domain username (on the PC your running
> Vantage from)is authenticated by the domain controller, then no
> password check is performed.
>
> The Epicor support docs for single sign on are pretty sketchy.
There
> are several settings, that kind of work together. They are:
>
> 1) The "Domain", "Domain UserID", and "Require Single Sign On"
fields
> in the "User Security" window.
>
> 2) The "Require Single Sign On" check box on the "User" tab in
> the "ConfigEditor" utility program.
>
> 3) The "UserID & UserPassword" textboxes on the "User" tab in
> the "ConfigEditor" utility program.
>
> The ConfigEditor program is in the client folder on the client PC
> (mine is in C:\client803\client). And for whatever reason, the
> ConfigEditor program always starts up minimized. So look in the
> Windows task bar, after you've double clicked it.
>
> If I setup the Users settings(from #1 above), set the Require
Single
> Sign On check box (from #2 above), and leave the items from #3
blank
> it seems to work.
>
>
> Calvin
>
> --- In vantage@yahoogroups.com, "Matt Caldwell" <matt@> wrote:
> >
> > We have our active directory setup so that our users must change
> their
> > passwords every 90 days. Apparently, Vantage does not see this
> change.
> > Do we honestly have to zero out everyone's password each time they
> > change their windows password, so that they stay matched? Are
> there any
> > other options other than removing the 90-day password change?
> >
> >
> >
> > Matt Caldwell
> > Technical Support Analyst
> >
> > KERUSSO
> > P.O. Box 32
> > Berryville, AR 72616
> > Phone: 800-424-0943 Ext. 231
> > Fax: 870-423-3568
> > Web Site: http://www.kerusso.com
> > ******************************************************************
> > CONFIDENTIALITY STATEMENT:
> > This message, from Kerusso Inc., contains information
> > which is privileged and confidential and is solely for the use of
> > the intended recipient. If you are not the intended recipient, be
> > aware that any review, disclosure, copying, distribution, or use
> > of the contents of this message is strictly prohibited. If you
have
> > received this in error, please destroy it and notify us
immediately
> > at: 800-424-0943
> > ******************************************************************
> >
> >
> >
> >
> >
> > [Non-text portions of this message have been removed]
> >
>

(Sorry if you got this twice. I deleted the first one right after I
realized the chart I entered was all reformated)

Epicor's definition of Single Sign On(SSO) is...

"Single Sign-On (SSO) is functionality that allows users to sign on
(log in) to Vista using the Login IDs and Passwords they use to log
into their computer's operating system (for example Windows, Unix,
Linux and so on). In other words, if SSO is enabled, users will not
be presented with a Logon window when they click their Vista icon;
they will be taken directly to the application's main menu."

It does not limit the user to a single session. With SSO enabled, I
can launch two (or more) sessions.

Some important notes about SSO.

Vantage User Setting = False
PC Config File Setting = False
******************************************
User is prompted for userID and password

Vantage User Setting = False
PC Config File Setting = True
******************************************
User is automatically logged into Vantage with the userid that they
are logged into the PC with. User can switch to another user's ID
once Vantage is loaded.

Vantage User Setting = True
PC Config File Setting = False
******************************************
User is presented with login window, but will not be allowed to
login. Only users WITHOUT SSO enabled can login from this PC.

Vantage User Setting = True
PC Config File Setting = True
******************************************
User is automatically logged into Vantage. User can switch to
another user's ID once Vantage is loaded.


Vantage never needs its password to match the domain password. Or
even be entered anywhere.

Calvin

--- In vantage@yahoogroups.com, "Tim Russell" <russell.t@...> wrote:
>
> First, you need to understand the EPICOR definition of Single Sign-
on
> is not the traditional definition. They mean...when you check the
> Single Sign-on box, you can open up on 1 single session of Vantage
> for that user-id.
>
> When starting the Vantage application, you will always be required
to
> somehow enter the User ID / Password established in the Vantage
> security model. To ease this process for the user, you get
> Vantage "cut and paste" the UI from the Windows client, or you can
> create, either an INI file for Registry entry (I can't remember
which
> one) to hold this information which will then allow the user to
start
> up automatically. In either case, passwords are stored in plain
text
> and are in no way integrated with MS Active Directory. So if your
> domain PW changes, you have to change to Vantage PW manually to
keep
> them in synch.
>
> We understand EPICOR is planning to MS AD integration for Version
9.0
> but don't be fooled now, it does not exist.
>
>
> --- In vantage@yahoogroups.com, "Calvin Krusen" <ckrusen@> wrote:
> >
> > I'm not 100 % sure, but I believe that the single sign on
feature
> > effectively eliminates the password checking. Instead it makes
the
> > assumption that if your domain username (on the PC your running
> > Vantage from)is authenticated by the domain controller, then no
> > password check is performed.
> >
> > The Epicor support docs for single sign on are pretty sketchy.
> There
> > are several settings, that kind of work together. They are:
> >
> > 1) The "Domain", "Domain UserID", and "Require Single Sign On"
> fields
> > in the "User Security" window.
> >
> > 2) The "Require Single Sign On" check box on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > 3) The "UserID & UserPassword" textboxes on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > The ConfigEditor program is in the client folder on the client
PC
> > (mine is in C:\client803\client). And for whatever reason, the
> > ConfigEditor program always starts up minimized. So look in the
> > Windows task bar, after you've double clicked it.
> >
> > If I setup the Users settings(from #1 above), set the Require
> Single
> > Sign On check box (from #2 above), and leave the items from #3
> blank
> > it seems to work.
> >
> >
> > Calvin
> >
> > --- In vantage@yahoogroups.com, "Matt Caldwell" <matt@> wrote:
> > >
> > > We have our active directory setup so that our users must
change
> > their
> > > passwords every 90 days. Apparently, Vantage does not see
this
> > change.
> > > Do we honestly have to zero out everyone's password each time
they
> > > change their windows password, so that they stay matched? Are
> > there any
> > > other options other than removing the 90-day password change?
> > >
> > >
> > >
> > > Matt Caldwell
> > > Technical Support Analyst
> > >
> > > KERUSSO
> > > P.O. Box 32
> > > Berryville, AR 72616
> > > Phone: 800-424-0943 Ext. 231
> > > Fax: 870-423-3568
> > > Web Site: http://www.kerusso.com
> > >
******************************************************************
> > > CONFIDENTIALITY STATEMENT:
> > > This message, from Kerusso Inc., contains information
> > > which is privileged and confidential and is solely for the use
of
> > > the intended recipient. If you are not the intended recipient,
be
> > > aware that any review, disclosure, copying, distribution, or
use
> > > of the contents of this message is strictly prohibited. If you
> have
> > > received this in error, please destroy it and notify us
> immediately
> > > at: 800-424-0943
> > >
******************************************************************
> > >
> > >
> > >
> > >
> > >
> > > [Non-text portions of this message have been removed]
> > >
> >
>

Ok, so back to an earlier statement in this thread...
Can someone please confirm if the password is stored in plain text somewhere
when using single sign-on.
I was aware, prior to Single Sign-on (say in 6.1 for example), you could set
the user/pass in the .mfg file in plain text, but as of single sign-on, is
it somehow recorded in a file without my knowledge. My understanding was as
stated below, if you authenticate to the domain and single sign-on is set,
you don't get prompted for user\pass.
Is it possible that someone confused Single Sign-on for the "Allow Multiple
Sessions" setting and the method of skipping a password on versions prior to
Single Sign-on being available?
Some clarification would be great here...
Tim, what version are you speaking about? Can you please identify where the
plain text password is stored?
Thanks,
Aaron Hoyt
Vantage Plastics
-----Original Message-----
From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com]On Behalf Of
Calvin Krusen
Sent: Tuesday, January 29, 2008 8:59 AM
To: vantage@yahoogroups.com
Subject: [Vantage] Re: Single Sign On


(Sorry if you got this twice. I deleted the first one right after I
realized the chart I entered was all reformated)

Epicor's definition of Single Sign On(SSO) is...

"Single Sign-On (SSO) is functionality that allows users to sign on
(log in) to Vista using the Login IDs and Passwords they use to log
into their computer's operating system (for example Windows, Unix,
Linux and so on). In other words, if SSO is enabled, users will not
be presented with a Logon window when they click their Vista icon;
they will be taken directly to the application's main menu."

It does not limit the user to a single session. With SSO enabled, I
can launch two (or more) sessions.

Some important notes about SSO.

Vantage User Setting = False
PC Config File Setting = False
******************************************
User is prompted for userID and password

Vantage User Setting = False
PC Config File Setting = True
******************************************
User is automatically logged into Vantage with the userid that they
are logged into the PC with. User can switch to another user's ID
once Vantage is loaded.

Vantage User Setting = True
PC Config File Setting = False
******************************************
User is presented with login window, but will not be allowed to
login. Only users WITHOUT SSO enabled can login from this PC.

Vantage User Setting = True
PC Config File Setting = True
******************************************
User is automatically logged into Vantage. User can switch to
another user's ID once Vantage is loaded.

Vantage never needs its password to match the domain password. Or
even be entered anywhere.

Calvin

--- In vantage@yahoogroups.com, "Tim Russell" <russell.t@...> wrote:
>
> First, you need to understand the EPICOR definition of Single Sign-
on
> is not the traditional definition. They mean...when you check the
> Single Sign-on box, you can open up on 1 single session of Vantage
> for that user-id.
>
> When starting the Vantage application, you will always be required
to
> somehow enter the User ID / Password established in the Vantage
> security model. To ease this process for the user, you get
> Vantage "cut and paste" the UI from the Windows client, or you can
> create, either an INI file for Registry entry (I can't remember
which
> one) to hold this information which will then allow the user to
start
> up automatically. In either case, passwords are stored in plain
text
> and are in no way integrated with MS Active Directory. So if your
> domain PW changes, you have to change to Vantage PW manually to
keep
> them in synch.
>
> We understand EPICOR is planning to MS AD integration for Version
9.0
> but don't be fooled now, it does not exist.
>
>
> --- In vantage@yahoogroups.com, "Calvin Krusen" <ckrusen@> wrote:
> >
> > I'm not 100 % sure, but I believe that the single sign on
feature
> > effectively eliminates the password checking. Instead it makes
the
> > assumption that if your domain username (on the PC your running
> > Vantage from)is authenticated by the domain controller, then no
> > password check is performed.
> >
> > The Epicor support docs for single sign on are pretty sketchy.
> There
> > are several settings, that kind of work together. They are:
> >
> > 1) The "Domain", "Domain UserID", and "Require Single Sign On"
> fields
> > in the "User Security" window.
> >
> > 2) The "Require Single Sign On" check box on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > 3) The "UserID & UserPassword" textboxes on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > The ConfigEditor program is in the client folder on the client
PC
> > (mine is in C:\client803\client). And for whatever reason, the
> > ConfigEditor program always starts up minimized. So look in the
> > Windows task bar, after you've double clicked it.
> >
> > If I setup the Users settings(from #1 above), set the Require
> Single
> > Sign On check box (from #2 above), and leave the items from #3
> blank
> > it seems to work.
> >
> >
> > Calvin
> >
> > --- In vantage@yahoogroups.com, "Matt Caldwell" <matt@> wrote:
> > >
> > > We have our active directory setup so that our users must
change
> > their
> > > passwords every 90 days. Apparently, Vantage does not see
this
> > change.
> > > Do we honestly have to zero out everyone's password each time
they
> > > change their windows password, so that they stay matched? Are
> > there any
> > > other options other than removing the 90-day password change?
> > >
> > >
> > >
> > > Matt Caldwell
> > > Technical Support Analyst
> > >
> > > KERUSSO
> > > P.O. Box 32
> > > Berryville, AR 72616
> > > Phone: 800-424-0943 Ext. 231
> > > Fax: 870-423-3568
> > > Web Site: http://www.kerusso.com
> > >
******************************************************************
> > > CONFIDENTIALITY STATEMENT:
> > > This message, from Kerusso Inc., contains information
> > > which is privileged and confidential and is solely for the use
of
> > > the intended recipient. If you are not the intended recipient,
be
> > > aware that any review, disclosure, copying, distribution, or
use
> > > of the contents of this message is strictly prohibited. If you
> have
> > > received this in error, please destroy it and notify us
> immediately
> > > at: 800-424-0943
> > >
******************************************************************
> > >
> > >
> > >
> > >
> > >
> > > [Non-text portions of this message have been removed]
> > >
> >
>






[Non-text portions of this message have been removed]

Aaron,

The user password is not stored anywhere when using SSO.

You can store a Vantage UserID and Password in the PC's
configuration file. If you just want a PC to automatically login to
Vantage with a specific username and password, enter them in the
default.mfgsys file, and leave SSO as false in config file and
unchecked in the User Security program.

In Vista 8.03.403D, the configuration files on my system are in
c:\client803\client\config\. My standard config file
is "default.mfgsys", which you can open with a text editor.

In the default.mfgsys file there is a section of user settings.
Here is a snippet...
###############
<userSettings>
<!-- provide values for UserID and Password to enable auto-
login -->
<UserID value="" />
<Password value="" />
<SingleSignOn value="true" bool="" />
<DataCollectionUser value="false" bool="" />
<StartSystemMonitor value="true" bool="" />
#################

To determine which config file your various windows shortcuts to
Vantage are using, look at the properties of the shortcut for
the /CONFIG option.

i.e.: C:\client803\client\MfgSys.exe /CONFIG=test.mfgsys

Calvin

--- In vantage@yahoogroups.com, "Aaron Hoyt" <aaron.hoyt@...> wrote:
>
> Ok, so back to an earlier statement in this thread...
> Can someone please confirm if the password is stored in plain text
somewhere
> when using single sign-on.
> I was aware, prior to Single Sign-on (say in 6.1 for example), you
could set
> the user/pass in the .mfg file in plain text, but as of single
sign-on, is
> it somehow recorded in a file without my knowledge. My
understanding was as
> stated below, if you authenticate to the domain and single sign-on
is set,
> you don't get prompted for user\pass.
> Is it possible that someone confused Single Sign-on for the "Allow
Multiple
> Sessions" setting and the method of skipping a password on
versions prior to
> Single Sign-on being available?
> Some clarification would be great here...
> Tim, what version are you speaking about? Can you please identify
where the
> plain text password is stored?
> Thanks,
> Aaron Hoyt
> Vantage Plastics
> -----Original Message-----
> From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com]On
Behalf Of
> Calvin Krusen
> Sent: Tuesday, January 29, 2008 8:59 AM
> To: vantage@yahoogroups.com
> Subject: [Vantage] Re: Single Sign On
>
>
> (Sorry if you got this twice. I deleted the first one right
after I
> realized the chart I entered was all reformated)
>
> Epicor's definition of Single Sign On(SSO) is...
>
> "Single Sign-On (SSO) is functionality that allows users to sign
on
> (log in) to Vista using the Login IDs and Passwords they use to
log
> into their computer's operating system (for example Windows,
Unix,
> Linux and so on). In other words, if SSO is enabled, users will
not
> be presented with a Logon window when they click their Vista
icon;
> they will be taken directly to the application's main menu."
>
> It does not limit the user to a single session. With SSO
enabled, I
> can launch two (or more) sessions.
>
> Some important notes about SSO.
>
> Vantage User Setting = False
> PC Config File Setting = False
> ******************************************
> User is prompted for userID and password
>
> Vantage User Setting = False
> PC Config File Setting = True
> ******************************************
> User is automatically logged into Vantage with the userid that
they
> are logged into the PC with. User can switch to another user's ID
> once Vantage is loaded.
>
> Vantage User Setting = True
> PC Config File Setting = False
> ******************************************
> User is presented with login window, but will not be allowed to
> login. Only users WITHOUT SSO enabled can login from this PC.
>
> Vantage User Setting = True
> PC Config File Setting = True
> ******************************************
> User is automatically logged into Vantage. User can switch to
> another user's ID once Vantage is loaded.
>
> Vantage never needs its password to match the domain password. Or
> even be entered anywhere.
>
> Calvin
>

<snip>

Great info here, thanks!



From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf
Of Calvin Krusen
Sent: Tuesday, January 29, 2008 7:59 AM
To: vantage@yahoogroups.com
Subject: [Vantage] Re: Single Sign On



(Sorry if you got this twice. I deleted the first one right after I
realized the chart I entered was all reformated)

Epicor's definition of Single Sign On(SSO) is...

"Single Sign-On (SSO) is functionality that allows users to sign on
(log in) to Vista using the Login IDs and Passwords they use to log
into their computer's operating system (for example Windows, Unix,
Linux and so on). In other words, if SSO is enabled, users will not
be presented with a Logon window when they click their Vista icon;
they will be taken directly to the application's main menu."

It does not limit the user to a single session. With SSO enabled, I
can launch two (or more) sessions.

Some important notes about SSO.

Vantage User Setting = False
PC Config File Setting = False
******************************************
User is prompted for userID and password

Vantage User Setting = False
PC Config File Setting = True
******************************************
User is automatically logged into Vantage with the userid that they
are logged into the PC with. User can switch to another user's ID
once Vantage is loaded.

Vantage User Setting = True
PC Config File Setting = False
******************************************
User is presented with login window, but will not be allowed to
login. Only users WITHOUT SSO enabled can login from this PC.

Vantage User Setting = True
PC Config File Setting = True
******************************************
User is automatically logged into Vantage. User can switch to
another user's ID once Vantage is loaded.

Vantage never needs its password to match the domain password. Or
even be entered anywhere.

Calvin

--- In vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> , "Tim
Russell" <russell.t@...> wrote:

>
> First, you need to understand the EPICOR definition of Single Sign-

on

> is not the traditional definition. They mean...when you check the
> Single Sign-on box, you can open up on 1 single session of Vantage
> for that user-id.
>
> When starting the Vantage application, you will always be required

to

> somehow enter the User ID / Password established in the Vantage
> security model. To ease this process for the user, you get
> Vantage "cut and paste" the UI from the Windows client, or you can
> create, either an INI file for Registry entry (I can't remember

which

> one) to hold this information which will then allow the user to

start

> up automatically. In either case, passwords are stored in plain

text

> and are in no way integrated with MS Active Directory. So if your
> domain PW changes, you have to change to Vantage PW manually to

keep

> them in synch.
>
> We understand EPICOR is planning to MS AD integration for Version

9.0

> but don't be fooled now, it does not exist.
>
>
> --- In vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> ,

"Calvin Krusen" <ckrusen@> wrote:

> >
> > I'm not 100 % sure, but I believe that the single sign on

feature

> > effectively eliminates the password checking. Instead it makes

the

> > assumption that if your domain username (on the PC your running
> > Vantage from)is authenticated by the domain controller, then no
> > password check is performed.
> >
> > The Epicor support docs for single sign on are pretty sketchy.
> There
> > are several settings, that kind of work together. They are:
> >
> > 1) The "Domain", "Domain UserID", and "Require Single Sign On"
> fields
> > in the "User Security" window.
> >
> > 2) The "Require Single Sign On" check box on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > 3) The "UserID & UserPassword" textboxes on the "User" tab in
> > the "ConfigEditor" utility program.
> >
> > The ConfigEditor program is in the client folder on the client

PC

> > (mine is in C:\client803\client). And for whatever reason, the
> > ConfigEditor program always starts up minimized. So look in the
> > Windows task bar, after you've double clicked it.
> >
> > If I setup the Users settings(from #1 above), set the Require
> Single
> > Sign On check box (from #2 above), and leave the items from #3
> blank
> > it seems to work.
> >
> >
> > Calvin
> >
> > --- In vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> ,

"Matt Caldwell" <matt@> wrote:

> > >
> > > We have our active directory setup so that our users must

change

> > their
> > > passwords every 90 days. Apparently, Vantage does not see

this

> > change.
> > > Do we honestly have to zero out everyone's password each time

they

> > > change their windows password, so that they stay matched? Are
> > there any
> > > other options other than removing the 90-day password change?
> > >
> > >
> > >
> > > Matt Caldwell
> > > Technical Support Analyst
> > >
> > > KERUSSO
> > > P.O. Box 32
> > > Berryville, AR 72616
> > > Phone: 800-424-0943 Ext. 231
> > > Fax: 870-423-3568
> > > Web Site: http://www.kerusso.com
> > >

******************************************************************

> > > CONFIDENTIALITY STATEMENT:
> > > This message, from Kerusso Inc., contains information
> > > which is privileged and confidential and is solely for the use

of

> > > the intended recipient. If you are not the intended recipient,

be

> > > aware that any review, disclosure, copying, distribution, or

use

> > > of the contents of this message is strictly prohibited. If you
> have
> > > received this in error, please destroy it and notify us
> immediately
> > > at: 800-424-0943
> > >

******************************************************************

> > >
> > >
> > >
> > >
> > >
> > > [Non-text portions of this message have been removed]
> > >
> >
>

[Non-text portions of this message have been removed]

Thanks for the feedback. Let me get some feedback from my team on
the U/I and P/w storage location.

More soon.

--- In vantage@yahoogroups.com, "Matt Caldwell" <matt@...> wrote:
>
> Great info here, thanks!
>
>
>
> From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On
Behalf
> Of Calvin Krusen
> Sent: Tuesday, January 29, 2008 7:59 AM
> To: vantage@yahoogroups.com
> Subject: [Vantage] Re: Single Sign On
>
>
>
> (Sorry if you got this twice. I deleted the first one right after I
> realized the chart I entered was all reformated)
>
> Epicor's definition of Single Sign On(SSO) is...
>
> "Single Sign-On (SSO) is functionality that allows users to sign on
> (log in) to Vista using the Login IDs and Passwords they use to log
> into their computer's operating system (for example Windows, Unix,
> Linux and so on). In other words, if SSO is enabled, users will not
> be presented with a Logon window when they click their Vista icon;
> they will be taken directly to the application's main menu."
>
> It does not limit the user to a single session. With SSO enabled, I
> can launch two (or more) sessions.
>
> Some important notes about SSO.
>
> Vantage User Setting = False
> PC Config File Setting = False
> ******************************************
> User is prompted for userID and password
>
> Vantage User Setting = False
> PC Config File Setting = True
> ******************************************
> User is automatically logged into Vantage with the userid that they
> are logged into the PC with. User can switch to another user's ID
> once Vantage is loaded.
>
> Vantage User Setting = True
> PC Config File Setting = False
> ******************************************
> User is presented with login window, but will not be allowed to
> login. Only users WITHOUT SSO enabled can login from this PC.
>
> Vantage User Setting = True
> PC Config File Setting = True
> ******************************************
> User is automatically logged into Vantage. User can switch to
> another user's ID once Vantage is loaded.
>
> Vantage never needs its password to match the domain password. Or
> even be entered anywhere.
>
> Calvin
>
> --- In vantage@yahoogroups.com <mailto:vantage%
40yahoogroups.com> , "Tim
> Russell" <russell.t@> wrote:
> >
> > First, you need to understand the EPICOR definition of Single
Sign-
> on
> > is not the traditional definition. They mean...when you check the
> > Single Sign-on box, you can open up on 1 single session of
Vantage
> > for that user-id.
> >
> > When starting the Vantage application, you will always be
required
> to
> > somehow enter the User ID / Password established in the Vantage
> > security model. To ease this process for the user, you get
> > Vantage "cut and paste" the UI from the Windows client, or you
can
> > create, either an INI file for Registry entry (I can't remember
> which
> > one) to hold this information which will then allow the user to
> start
> > up automatically. In either case, passwords are stored in plain
> text
> > and are in no way integrated with MS Active Directory. So if your
> > domain PW changes, you have to change to Vantage PW manually to
> keep
> > them in synch.
> >
> > We understand EPICOR is planning to MS AD integration for Version
> 9.0
> > but don't be fooled now, it does not exist.
> >
> >
> > --- In vantage@yahoogroups.com <mailto:vantage%
40yahoogroups.com> ,
> "Calvin Krusen" <ckrusen@> wrote:
> > >
> > > I'm not 100 % sure, but I believe that the single sign on
> feature
> > > effectively eliminates the password checking. Instead it makes
> the
> > > assumption that if your domain username (on the PC your running
> > > Vantage from)is authenticated by the domain controller, then no
> > > password check is performed.
> > >
> > > The Epicor support docs for single sign on are pretty sketchy.
> > There
> > > are several settings, that kind of work together. They are:
> > >
> > > 1) The "Domain", "Domain UserID", and "Require Single Sign On"
> > fields
> > > in the "User Security" window.
> > >
> > > 2) The "Require Single Sign On" check box on the "User" tab in
> > > the "ConfigEditor" utility program.
> > >
> > > 3) The "UserID & UserPassword" textboxes on the "User" tab in
> > > the "ConfigEditor" utility program.
> > >
> > > The ConfigEditor program is in the client folder on the client
> PC
> > > (mine is in C:\client803\client). And for whatever reason, the
> > > ConfigEditor program always starts up minimized. So look in the
> > > Windows task bar, after you've double clicked it.
> > >
> > > If I setup the Users settings(from #1 above), set the Require
> > Single
> > > Sign On check box (from #2 above), and leave the items from #3
> > blank
> > > it seems to work.
> > >
> > >
> > > Calvin
> > >
> > > --- In vantage@yahoogroups.com <mailto:vantage%
40yahoogroups.com> ,
> "Matt Caldwell" <matt@> wrote:
> > > >
> > > > We have our active directory setup so that our users must
> change
> > > their
> > > > passwords every 90 days. Apparently, Vantage does not see
> this
> > > change.
> > > > Do we honestly have to zero out everyone's password each time
> they
> > > > change their windows password, so that they stay matched? Are
> > > there any
> > > > other options other than removing the 90-day password change?
> > > >
> > > >
> > > >
> > > > Matt Caldwell
> > > > Technical Support Analyst
> > > >
> > > > KERUSSO
> > > > P.O. Box 32
> > > > Berryville, AR 72616
> > > > Phone: 800-424-0943 Ext. 231
> > > > Fax: 870-423-3568
> > > > Web Site: http://www.kerusso.com
> > > >
> ******************************************************************
> > > > CONFIDENTIALITY STATEMENT:
> > > > This message, from Kerusso Inc., contains information
> > > > which is privileged and confidential and is solely for the
use
> of
> > > > the intended recipient. If you are not the intended
recipient,
> be
> > > > aware that any review, disclosure, copying, distribution, or
> use
> > > > of the contents of this message is strictly prohibited. If
you
> > have
> > > > received this in error, please destroy it and notify us
> > immediately
> > > > at: 800-424-0943
> > > >
> ******************************************************************
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > [Non-text portions of this message have been removed]
> > > >
> > >
> >
>
>
>
>
>
> [Non-text portions of this message have been removed]
>