Microsoft Video Gaming Accessories 4.5.X User Manual

Account Reset Console

Administration Guide

Revision: May 31, 2007 – For Software Version 4.5.x

Lieberman Software Corporation - 1900 Ave of the Stars, Suite 425, Los Angeles, CA 90067

Voice: 800.829.6263 (USA/Canada) Voice: (01) 310.550.8575 (Worldwide) Fax: (01) 310.550.1152 (Worldwide)

Web: www.liebsoft.com Email: support@liebsoft.com

Table of Contents

Copyright Notice....................................................................................................................... 1

License Agreement .................................................................................................................. 2

Country of Origin ...................................................................................................................... 3

Limited Warranty ...................................................................................................................... 4

Pre-Usage Considerations ....................................................................................................... 5

Welcome to the Account Reset Console................................................................................... 6

Thanks for using the Account Reset Console!....................................................................... 6

The Account Reset Console Web Interface........................................................................... 6

Getting Started...................................................................................................................... 7

Configuring the Account Reset Console ................................................................................. 10

Overview............................................................................................................................. 10

Granting super-user access rights....................................................................................... 10

Configuring managed domains............................................................................................ 12

Setting up data sources and logging ................................................................................... 13

Selecting program features ................................................................................................. 14

Configuring email ................................................................................................................ 17

Setting up group permissions.............................................................................................. 18

Viewing logs........................................................................................................................ 20

Configuring Verification Questions and Answers [Advanced] .............................................. 20

Reviewing Data Security [Advanced]................................................................................... 24

Updating the application’s appearance [Advanced]............................................................. 25

Setting up the mobile site [Advanced] ................................................................................. 27

Scheduling tasks [Advanced] .............................................................................................. 27

Configuring licensing [Advanced] ........................................................................................ 30

Changing Your Own Password............................................................................................... 31

Overview............................................................................................................................. 31

Changing Your Password.................................................................................................... 31

Resetting User Accounts ........................................................................................................ 32

Overview............................................................................................................................. 32

Resetting Accounts ............................................................................................................. 32

Account Reset Options .................................................................................................... 33

Looking Up User Data ............................................................................................................ 33

Overview............................................................................................................................. 33

Resetting Accounts ............................................................................................................. 33

Identity Configuration.............................................................................................................. 34

Overview............................................................................................................................. 34

Setting Up Identity Information ............................................................................................ 35

Log Viewing............................................................................................................................ 36

Overview............................................................................................................................. 36

Log Viewing Options ........................................................................................................... 36

Viewing the Access Log ...................................................................................................... 37

Viewing the Action Log........................................................................................................ 38

Scheduling Management Reports........................................................................................... 38

Overview............................................................................................................................. 38

Creating and Viewing Management Reports ....................................................................... 38

Adding Reports ................................................................................................................... 39

Running Reports Immediately ............................................................................................. 40

Editing Report Settings........................................................................................................ 40

Viewing Management Reports................................................................................................ 41

Overview............................................................................................................................. 41

Report Viewing Options....................................................................................................... 42

Scheduling Account Tasks ..................................................................................................... 43

Overview............................................................................................................................. 43

Creating and Viewing Account Tasks.................................................................................. 44

Adding Tasks ...................................................................................................................... 44

Running Tasks Immediately ................................................................................................ 45

Editing Task Intervals and Actions....................................................................................... 45

Viewing Account Task Reports............................................................................................... 47

Overview............................................................................................................................. 47

Report Viewing Options....................................................................................................... 48

Set Program Access Rights.................................................................................................... 50

Overview............................................................................................................................. 50

Program Access Levels....................................................................................................... 50

Adding Access Rights ......................................................................................................... 51

Viewing or Deleting Existing Access Rights......................................................................... 51

Set Group Access Rights ....................................................................................................... 52

Overview............................................................................................................................. 52

Group Access Rights........................................................................................................... 52

Adding Access Rights ......................................................................................................... 53

Viewing or Deleting Existing Access Rights......................................................................... 53

Set Account Reset Features................................................................................................... 54

Overview............................................................................................................................. 54

Account Reset Options........................................................................................................ 54

Set Password Change Features............................................................................................. 56

Overview............................................................................................................................. 56

Password Change Options.................................................................................................. 57

Configuring Email Settings ..................................................................................................... 59

Overview............................................................................................................................. 59

Configuring Email............................................................................................................. 59

Appearance............................................................................................................................ 61

Overview............................................................................................................................. 61

Managing the Account Reset Console Appearance ............................................................ 61

Colors .............................................................................................................................. 62

Altering the Page Header................................................................................................. 62

Customizing the Main Menu............................................................................................. 62

Customizing the Side Menu ............................................................................................. 63

Customizing the Page Content......................................................................................... 63

Configuring Mobile Settings.................................................................................................... 64

Overview............................................................................................................................. 64

Managing the Mobile Settings ............................................................................................. 64

Data Sources ......................................................................................................................... 65

Overview............................................................................................................................. 65

Viewing Available Data Sources.......................................................................................... 65

Adding a Data Source ......................................................................................................... 66

Editing a Data Source ......................................................................................................... 66

Editing a Microsoft Jet Data Source ................................................................................. 67

Editing a Microsoft SQL Server Data Source ................................................................... 67

Editing a General ADO-Compatible Data Source............................................................. 68

Logging Configuration ............................................................................................................ 68

Overview............................................................................................................................. 68

Viewing the Log Configuration............................................................................................. 68

Changing the Log Database................................................................................................ 69

Log Requirements............................................................................................................ 69

User Verification Configuration............................................................................................... 69

Overview............................................................................................................................. 69

Adding and Removing Questions ........................................................................................ 70

Setting the Test User........................................................................................................... 71

Editing Question Configurations .......................................................................................... 71

Verification Query Types.................................................................................................. 72

Designing Queries ........................................................................................................... 73

Domain Configuration............................................................................................................. 75

Overview............................................................................................................................. 75

Managing Domains ............................................................................................................. 75

Viewing Domain Details ................................................................................................... 76

Setting the Default Domain .............................................................................................. 76

Application Security................................................................................................................ 77

Overview............................................................................................................................. 77

Managing Application Security ............................................................................................ 77

Super-User Configuration....................................................................................................... 78

Overview............................................................................................................................. 78

Adding new Super-User Groups.......................................................................................... 78

Viewing or deleting existing Super-User Groups ................................................................. 79

Licensing................................................................................................................................ 80

Overview............................................................................................................................. 80

Changing or Viewing License Information ........................................................................... 80

The ARCWeb Site Index ........................................................................................................ 82

Overview............................................................................................................................. 82

Appendix A............................................................................................................................. 83

Troubleshooting .................................................................................................................. 83

The software contains proprietary information of Lieberman Software Corporation; it is provided under a license agreement containing restrictions on use and disclosure and is also protected by copyright law. Reverse engineering of the software is prohibited.

Due to continued product development this information may change without notice. The information and intellectual property contained herein is confidential between Lieberman Software Corporation and the client and remains the exclusive property of Lieberman Software Corporation. If you find any problems in the documentation, please report them to us in writing. Lieberman Software Corporation does not warrant that this document is error-free.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise without the prior written permission of Lieberman Software Corporation.

Microsoft Windows, Window 95, Window 98, Windows NT, Windows 2000, Windows Server 2003, IIS are trademarks of the Microsoft Corporation.

License Agreement

This is a legal and binding contract between you, the end user, and Lieberman Software Corporation. By using this software, you agree to be bound by the terms of this agreement. If you do not agree to the terms of this agreement, you should return the software and documentation as well as all accompanying items promptly for a refund.

1. Your Rights: Lieberman Software Corporation hereby grants you the right to use a single copy of this product to evaluate the product on an unlimited number of user accounts and systems for up to 30 days in a non-production environment.

When licensed by us to you for commercial use, the software can be used to manage the number of user account (passwords and settings) granted in the license. The serial number provided to you is designed for a specific named machine. If you need to move the license to another system, we will provide you with new serial numbers for those systems owned/controlled by you at no cost as long as you maintain a current support agreement with us (included for free in your first year).

Each server running our web server software requires you to purchase a separate server license as well as an appropriate number of managed user licenses. If the same user account is managed by two or more web servers, the multiple instances of the user account shall be treated as only a single user. For example, if you have three web servers managing the same domain of 4500 users, then you would need to buy three server licenses and buy 4500 user licenses.

2. Copyright. The SOFTWARE is owned by Lieberman Software Corporation and is protected by United States copyright law and international treaty provisions. Therefore, you must treat the software like any other copyrighted material (e.g. a book or musical recording) except that you may either (a) make one copy of the SOFTWARE solely for backup and archival purposes, or (b) transfer the SOFTWARE to a single hard disk provided you keep the original solely for backup and archival purposes. The manual is a copyrighted work also--you may not make copies of the manual for any purpose other than the use of the software.

3. Other Restrictions: You may not rent or lease the SOFTWARE. You may not reverse engineer, de-compile, or disassemble the SOFTWARE that is provided solely as executable programs (EXE files). If the SOFTWARE is an update, any transfer must include the update and all prior versions. Some of the software provided to you is in source code form. You may not use this or any other part of this product to create derivative products for sale or use without our express written permission.

4. Notice: This software contains functionality designed to periodically notify Lieberman Software Corporation of demo usage and of the detection of suspected pirated license keys. By using this software, you consent to allow the software to send information to Lieberman Software Corporation under these circumstances, and you agree to not hold Lieberman Software Corporation responsible for the use of any or all of the information by Lieberman Software Corporation or any third party.

Country of Origin

This software was developed entirely in the United States of America.

Limited Warranty

The media (optional) and manual that make up this software are warranted by Lieberman Software Corporation to be free of defects in materials and workmanship for a period of 30days from the date of your purchase. If you notify us within the warranty period of such defects in material and workmanship, we will replace the defective manual or media.

The sole remedy for breach of this warranty is limited to replacement of defective materials and/or refund of purchase price and does not include any other kinds of damages.

Apart from the foregoing limited warranty, the software programs are provided "AS-IS", without warranty of any kind, either expressed or implied. The entire risk as to the performance of the programs is with the purchaser. Lieberman Software Corporation does not warrant that the operation will be uninterrupted or error-free. Lieberman Software Corporation assumes no responsibility or liability of any kind for errors in the programs or documentation of/for consequences of any such errors. Lieberman Software Corporation will not be responsible for any incidental or consequential damages that result directly or indirectly from the operation of this product.

This agreement is governed by the laws of the State of California.

Should you have any questions concerning this Agreement, or if you wish to contact Lieberman Software Corporation, please write:

Lieberman Software Corporation 1900 Ave of the Stars, Suite 425 Los Angeles, CA 90067

You can also keep up to date on the latest upgrades via our website at http://www.liebsoft.com or email us at: sales@liebsoft.com

Pre-Usage Considerations

Please ensure that you have completed all steps in the appropriate installation checklist before you begin attempting to manage the Account Reset Console. Installation checklists can be found in the accompanying document, ArcWeb Install Guide.

If you have any questions or concerns about this program’s installation or operation before or after it has been installed, please contact our support department for assistance. Incorrect installation or poor security practices could allow the compromise of your passwords.

When used and installed properly, this program provides excellent performance, speed and security for your password management. Call us if you have any questions about this product.

Welcome to the Account Reset Console

Thanks for using the Account Reset Console!

Thank you for using Lieberman Software’s Account Reset Console! The Account Reset Console, or “ARCWeb” for short, provides your Help Desk with the ability to reset domain account passwords/account flags, and allows users to reset their own forgotten or expiring passwords in a fully audited and delegated manner via any web browser. Features of the Account Reset Console include:

• The ability to control which users or members of the Help Desk have access to the application

• The ability to regulate which group(s) or users each Help Desk person is allowed to manage

• The ability to reset or delegate the authority to reset disabled and locked accounts

• The ability to allow authorized users to change or reset their own passwords,

eliminating Help Desk calls for password resets

• The ability to allow users to reset their own forgotten passwords based on user identity validation against any relational database

• The ability to schedule tasks and reports on all managed users

• And more!

The Account Reset Console Web Interface

The Account Reset Console is an entirely web-based application which can be completely reskinned to match your corporate colors and logos. It can be accessed through any web browser. The Account Reset Console’s user interface is designed to be simple to understand and to put all features of the tool no more than a few clicks away, for quick and easy administration. Here is a quick introduction to the interface:

1. Corporate Logo – your corporate logo can be put here instead of the Lieberman Software logo.

2. Tagline – your own tagline can be used here. In addition, nearly all colors in the Account Reset Console can be changed to match your own corporate identity.

3. Logged-in User: the user currently logged into the system at this web browser.

4. Logout link: Logs the user out of the system.

5. Main menu: Each link on the main menu represents a separate area of activity. Users with lower privilege levels will see only a few main menu items, such as “Accounts” (for normal users) or “Accounts” and “Scheduling/Reporting” (for Help Desk Managers).

6. Side Menu: Each main-menu section is subdivided into several “pages”, which can be accessed through the side menu.

Getting Started

Once you have completely installed the Account Reset Console, you will begin by logging into the web interface and configuring the product. You will also need to set the group privileges to allow help desk and admin personnel to utilize the appropriate parts of the application.

Begin by logging into the Account Reset Console. You will need to use an account that is a member of the initial administrator’s group you specified in the installation process. If your account is not a member of this initial group you will receive an error message explaining why you are not permitted to log in.

Once you log into the Account Reset Console you should see a series of top-level menu options which look similar to the ones below. If you do not see all the menus, you have logged in with an account that is not a member of the initial administrative group, and the Account Reset Console is restricting your access to certain parts of the interface.

The top-level menus represent different parts of the ARCWeb product:

• Accounts – this menu contains the direct account manipulation pages. Ordinary users use these pages to reset their own passwords and configure their answers for identity verification. Help desk users use these pages to reset other users’ accounts.

• Scheduling/Reporting – this menu contains pages for viewing the access and reset logs, and for scheduling tasks and viewing the reports generated by these tasks. These pages are generally for help desk managers.

• Management – this menu contains pages for setting group permissions, program features, and application appearance (skinning). This is also where email will be configured.

• Configuration – this menu contains pages for domain and data source management, verification questions, log database location, and application licensing.

• Index – this menu links to the index page to the entire application, allowing you to immediately jump to any page you have rights to access.

Once you have logged onto the Account Reset Console you should begin by configuring the application to fit your network and your particular needs.

Configuring the Account Reset Console

Overview

Once you have installed and logged into the Account Reset Console, there are a few steps you will need to take to configure the tool to function properly with your network. You can use the tool at any point, but properly configuring it will unlock the full functionality of the product and allow you to explore every feature it offers.

We recommend that you begin working with the Account Reset Console by:

1. Granting Super-User access rights

2. Configuring managed domains

3. Setting up data sources and logging

4. Selecting program features

5. Configuring email

6. Setting up group permissions

7. Viewing logs

Once you have finished these, the core functionality of the Account Reset Console will be completely accessible to yourself and those you delegate authority to. You can then proceed to configure the advanced features of ARCWeb:

1. Configuring verification questions and answers

2. Reviewing data security

3. Updating the application’s appearance

4. Setting up the mobile site (if applicable)

5. Scheduling tasks

6. Configuring licensing

Granting super-user access rights

When you first installed Account Reset Console, you were asked for a group that would be granted initial access. This group is also granted Super-User access. Super-User access allows the users of the identified group to be able to perform any actions in the tool including changing verification questions, database settings, and licensing. You can update these permissions at any time, but if you have certain administration accounts or groups that you would like to have unfettered access to the tool, now is a good time to configure them for your convenience.

You can find super-user configuration under the “Configuration” main menu item, under the “Super-Users” side menu tab:

Add your groups by entering their group name (and domain, if appropriate) into the entry fields and clicking “Add SuperUsers” for each one.

Granting super-user permissions to a group allows them to access any component of the Account Reset Console interface. For more information on super-users, see the dedicated “Super-User Configuration” section later in this document.

Configuring managed domains

Once you have entered your selected super-user groups it is time to configure the specific domains that the Account Reset Console will be able to manage. Domain configurations can be found under the “Configuration” main menu item, in the “Domains” side menu tab.

The Account Reset Console will allow you to select (enable) any domain for which your COM+ account has administrator privileges:

You can see any status error messages by clicking the [details] link for a given domain.

If you cannot enable the domain you wish to manage, you may re-run the installer and use a different account with the appropriate permissions for the COM+ portion of the application, or grant that account required permissions on the target domain. You can also choose to allow ARCWeb to manage the local by choosing the [local system] option.

For more information on domain configuration, see the section titled “Domain Configuration” later in this document.

Setting up data sources and logging

Account Reset Console 4.X requires Microsoft MSDE/SQL Express or SQL Server 2000/2005 or later for logging and user verification purposes. Lieberman Software Corporation recommends Microsoft SQL Server 2000 or 2005 as the optimal solution for these purposes.

The Account Reset Console is designed to use a variety of databases for logging and verification purposes. The “Data Sources” page is the single management point for configuring these databases. Once a database is configured here, it can be used by other parts of the system. You can find this page under the “Configuration” main menu item, in the “Data Sources” side menu tab.

For evaluation purposes the default installed database should suffice. If you need to configure more databases later, the section titled “Data Sources” later in this document fully documents the process of adding a new data source or editing existing data sources. For initial evaluation it should be sufficient to note that the default data source (“Default Log”) should be functional (have a green check as shown above). If you have installed the product and the data source does not have the green check, you will need to return to the installation checklist and doublecheck the database configuration steps.

Once you have functioning data sources, you will need to examine the logging configuration. This page is the next one down on the side menu bar, still in the “Configuration” main menu section, under the “Log Config” side menu tab. The Status line of the page should have a green checkmark next to it, indicating that the default database is functioning.

You can select any data source as your log destination using the dropdown box on this page. The Account Reset Console will reject your choice if you select a non-SQL Server data source. If you select a SQL Server data source without extant tables, ARCWeb will be able to create the appropriate database tables for you. You can find information on the database table requirements and setting alternate databases in the “Logging Configuration” section later in this document.

For evaluation purposes the default database should be all you need.

Selecting program features

The core features of the Account Reset Console can be configured by administrators and super-users. They are divided into two sections: Account Reset Features and Password Change Features. Account Reset Features apply to usage of the Account Reset Console by Help Desk users who are resetting other users’ accounts. Password Change Features apply to usage of the Account Reset Console by users who are resetting their own passwords.

You can find both sets of features under the “Management” top-level menu item. On the side menu they will be items 3 and 4, “Account Reset Features” and “Password Change Features”.

Account Reset Features

The Account Reset features allow you to configure what operations Help Desk personnel can perform on accounts they are resetting. By default, the options should allow all actions on the account. The settings on this page directly affect the available controls on the “Reset User Account” page seen by Help Desk personnel. For evaluating the product the default options should suffice. However, you may find it valuable to switch between this page and the “Reset User Account” page to see exactly what occurs as you change the settings. For more information on these features, see the “Set Account Reset Features” and “Resetting User Accounts” sections later in this document.

Password Change Features

The Password Change Features page allows you to configure the behavior of ARCWeb when users reset their own passwords. Note that the checkbox entitled “Allow lost password recovery through ARC” may be enabled but will only function properly once you have configured your verification questions and answers (in the advanced features).

The default settings should be sufficient for initial evaluation of the product. For more information on this page, see the “Set Password Change Features” section later in this document.

Configuring email

If you want the Account Reset Console to be able to notify users via email of account or password resets, or to be able to email administrators and managers of scheduled task completion or failure, you will need to configure the email system. You can find the email configuration page under the “Management” main menu item and the “Configure Email Settings” side menu tab.

You will need to use appropriate settings for your network and mail server configuration. For more information on configuring email settings, see “Configuring Email Settings” later in this document.

Setting up group permissions

The final step before you begin using the basic features of the Account Reset Console is to delegate login and account reset permissions to your chosen groups. ARCWeb uses two types of account permission, Program Access and Group Access. Program Access allows you to delegate login rights and interface level privileges to groups; Group Access allows you to delegate the authority to reset specific other users’ accounts to groups. Group permissions are the first two side menu tabs under the “Management” main menu tab.

Program Access

You will need to begin by assigning different user groups appropriate web interface access permissions. This is available under “Program Access”. To grant permissions to a group, select the appropriate permissions and click “Add Rule”.

• Allow Web Logon: Allows users to log onto the Account Reset Console to reset their own passwords or configure verification answers.

• Allow Reset of Other Users’ Accounts: Allows users to reset other accounts if they have been granted permissions for the specific target user in the “Group Access” page. See the next section for more information.

• View Console Logs and Task Reports: Allows users to view the Account Reset Console’s activity logs and schedule and view tasks and reports.

• Manage All Web Access Controls: Allows users to specify program features and group permissions.

For more information on how to use this page, please see “Set Program Access Rights”, later in this document.

Group Access

Each group which has been granted the “Allow Reset of Other Users’ Accounts” access right will have access to the “Reset User Account” page in ARCWeb. However, their requests to reset accounts will be rejected unless you also grant them the rights to reset other users’ accounts. The “Group Access” page allows you to specify which target groups can be reset.

Only by setting BOTH the “Allow Reset of Other Users’ Accounts” program access level AND the appropriate group access rule will a help desk user be able to reset another user’s account. For more information, please see the “Set Group Access Rights” section later in this document.

Viewing logs

You can view the logs generated by the Account Reset Console in the “Scheduling/Reporting” main menu section, under the “View Logs” side menu tab.

You can select to view access logs (logs of who has logged on or off the Account Reset Console) or action logs (logs of which user accounts have been reset or viewed by which users). Both successful actions and failed requests are logged. For more information, see the “Log Viewing” section of this document.

Configuring Verification Questions and Answers [Advanced]

Before users can use the Account Reset Console to reset their lost passwords via questionand-answer identity verification, you will need to configure the verification questions and answers. To do this you will need to use the Data Sources, Verification, and Password Change Features pages. The Data Sources and Verification pages can be accessed through the “Configuration” main menu link; the Password Change Features page can be accessed through the “Management” main menu link.

You will begin configuring the verification system at the “Verification” side menu tab in the “Configuration” main menu section.

The Account Reset Console will configure three initial questions for you by default. You can add or remove these questions to/from the list of required questions by clicking the [Add] and [Remove] links. By default on installation, all three questions are required.

You can add more questions by entering the question text at the bottom of the screen and clicking “Add Question”. You should also take this opportunity to select your test user. This test user account will be used to check the entries in the database to confirm that the system is functioning. It should properly be a member of one of the domains you are managing so that you can test the domain name values stored in your verification databases.

Once you have a list of questions you are happy with, it will be time to edit each question so that it retrieves its answer from the appropriate location. You can access this by clicking the [Edit] link.

The Account Reset Console allows you to design and use your own SQL queries, and thus configure your verification system to access any database you may already be using for data storage. This offers you unparalleled flexibility in verification options.

Once you have finished configuring your questions you will need to make one final change to the password change features, under “Management” on the main menu and “Password Change Features” on the side menu: You need to allow users to reset their forgotten password through ARC via ID verification.

Select the “Allow self service unlock and password reset through ARC (via ID verification)” checkbox. And enter a number of allowable wrong answers (we suggest 3), then click “Save Program Features”. You may also elect to allow self service unlock via ARC Credential Provider which is a separate download and installation for each client. This option allows users

+ 65 hidden pages