How To Provision Credentials Silently In ESSO Logon Manager (Doc ID 2460322.1)

Oracle Enterprise Single Sign-On: Logon Manager

How to provision credentials silently to users in ESSO Logon Manager.

Attempting to provision credentials for a host/mainframe application template pre-configured by the ESSO Administrator for end user deployment, in such a way that the user does not get prompted for password nor using the silent capture method as we don't want user to even enter this password, nor does the user need to know what the password is for this application. Thus essentially meaning user logs into a machine, launches this mainframe application and Logon Manager automatically logs the user in the application using the password which was previously configured by ESSO Administrator from ESSO Admin Console. In short user should and must not know what the password is for this mainframe application. (2) Furthermore, after 30 days when password change policy takes effect, this password should be automatically generated without user action. Again user should not know what the new password is.

Is the above possible to achieve?

The understanding is that an Administrator would need to log into the user machine with the user's credentials to add this mainframe application via Logon Manager application and provide the password so that user does not get to know what the password is. The Administrator would also need to configure the Logon Manager from Admin Console, "allow revealing" to No, under Global Agent Settings -> Security so that user is not able to view the password once it has been configured.
 

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.