Index

A B C D E F G H I K L M N O P Q R S T U V W X

Numerics

56-bit encryption, upgrading, 4.17.4

A

access control

access-group, about, 9.2.10

accessible data, suborganization view, 9.11

All access control, 9.2.9

business environment structure, about and elements (table), 9.3.1

business services, configuring, 9.17, 9.18

Catalog access control view, 9.11

catalogs, overview, 9.1.3

customer data, 9.1.2

defined, 9.1

divisions, setting up, 9.3.2

drilldown visibility, configuring, 9.21

license key, role of, 9.6

manager access control, 9.2.5, 9.11

master data, 9.1.2

opportunities in Siebel Financial Services, C.4.1

organization, 9.2.6, 9.11

organizations, setting up, 9.3.3

party data model, S_PARTY table, 9.22

party types, about and table, 9.1.1

party types, relationship among, 9.22.1

personal, 9.11

personal access control, 9.2.1

pick applets, configuring visibility, 9.20

Pick List Object, setting visibility, 9.20.1

position, 9.2.2

positions, setting up, 9.3.3.1

record level, 2.5.3.2

responsibilities, configuring access to business services, 9.17, 9.18

responsibilities, defining and adding views and users, 9.3.4

responsibilities, role of, 5.14.7

single-position access control, about, 9.2.3

single-position access control, Manager view, 9.11

special frame class, using, 9.20.3

strategies, list of, 9.3

suborganization access control, 9.2.8

tab layouts, managing through responsibilities, 9.15

team, 9.11

team access control, about, 9.2.4

troubleshooting issues, 10.3

view level, 2.5.3.1

view properties, displaying, 9.11

view-level mechanisms, 9.1

visibility applet type, 9.11

Visibility Auto All property, using, 9.20.2

access control, business component view

manager setting, 9.2.5.2

role of, 9.5

single or multiple organization, 9.2.7

single-position view mode, 9.2.3

suborganization setting, 9.2.8

team setting, 9.2.4

access control, implementing

applet access control properties, 9.10

application, role of, 9.5

application-level access control, 9.6

business component view modes, 9.8

Owner party type, 9.8

responsibilities, about, 9.5

responsibilities, associating with users, 9.7

view access control properties, 9.11

view construction example, 9.12

visibility applet, role of, 9.5

visibility properties, role of, 9.5

Access Group base and extension tables, illustration, 9.22.12

Access group data model, about and diagram, 9.22.12

access groups

catalog access control, 9.2.10

categories, associating with, 9.14.4.2

categories, disassociating with, 9.14.4.2

creating, 9.14.3.1

data, associating with, 9.14.4

disassociating from catalog, 9.14.4.1

hierarchy, modifying, 9.14.3.3

master data catalog, associating with, 9.14.4.1

members, adding, 9.14.3.2

access-group access control

about, 9.2.10

administrative tasks, listed, 9.14

basic principles, 9.13

business scenario, 9.13.1

catalog, associating an access group with in Financial applications, C.4.2.1

households, administering in Financial applications, C.4.2

inheritance rules, 9.13, 9.13

user’s experience, 9.13.3

Account base and extension tables, illustration, 9.22.6

Account data model, 9.22.6

account policies, about implementing, 7.2.5

adapter-defined user name

deployment option, 5.14

implementing, 5.14.5

Admin mode, visibility, 9.2.9, 9.11

Administration - Server Configuration screen, unable to work in, 10.1

administrative tasks, deactivating employees, 8.10.1.2

administrative tasks, organizational

company structure, setting up, 9.3.1

divisions, setting up, 9.4.1

organizations, setting up, 9.4.2

administrative tasks, positions and responsibilities

positions, setting up, 9.4.3

responsibilities, defining, 9.4.4

ADSI adapter

Active Directory server, setting up, 6.7.2

ADSI client requirement, 5.8.5

ApplicationPassword parameter, A.2.2

comparison with LDAP adapter, 5.7.3

configuring as directory, 6.7.2

delegated administrator, availability of, 8.11.1

deployment options, 5.14

deployment options, listed, 5.14

directory, user management recommendation, 5.8.2

password storage and use, 5.8.3

passwords, 5.8.3

security adapter authentication, implementing, 5.12

security adapter process overview, 5.3.2

Siebel Financial Services, about, C.2.1

Siebel Financial Services, implementing, C.2.2

ADSI adapter, setup scenario

about implementing, 5.12

configuration file parameter values, table of, 5.12.6

configuration file parameter, usage guidelines, 5.12.8.1

directory records, about, 5.12.4

installation prerequisites, 5.12.1

restarting servers, 5.12.9, 6.7.9

testing, 5.12.10

user records, adding, 5.12.5, 5.12.5

users, creating, 5.12.4

ADSI security adapter and DNS servers, 5.8.2

ADSI server, password assignment, 6.7.2

ADSI standards, security adapter authentication, 5.7.1

All access control

about, 9.2.9, 9.11

mobile user restriction, 9.7.2

AllowAnonUsers parameter

about, A.2.4

setting for LDAP or ADSI, 5.12.7.2, 5.12.8.1, 5.12.8.1

setting for Web SSO, 6.7.7

AnonPassword parameter

about, A.1.2

setting for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6

AnonUserName parameter

anonymous browsing, setting for, 8.3.3

setting for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6

anonymous browsing

about, 8.2

anonymous user, role of, 8.3.1

configuration parameters, setting, 8.3.2

implementing, 5.14.6.1, 8.3

Siebel Financial Services, registering and administering, C.3.2

views, setting or removing explicit login, 8.3.3

anonymous user

about, 5.12.4, 8.2

anonymous user record, modifying, 8.3.1

automatically populated fields, 8.6.1

implementing, 5.14.6

parameter controlling, A.2.4

seed data responsibilities, about using, 8.3.1

seed data user IDs, 8.6.1

self-registration, modifying for, 8.6.1

Web SSO authentication, 6.7.4

applets

access control, 9.11

defined, 9.10

display name and visibility, 9.10

pick applet visibility, 9.20

special frame class for visibility, 9.20.3

viewing properties, 9.10

visibility properties, about, 9.10

application

access control, implications of, 9.5

license key and view visibility, 9.6

Application Object Manager, ADSI adapter requirements, 5.8.5

application user

about, 5.12.4

Web SSO authentication, 6.7.4

write privileges, 8.9, 8.11.1

application-level access control, about and view visibility, 9.6

ApplicationPassword parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

ApplicationUser parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

APPUSER, 5.12.4

APPUSERPW, 5.12.4

architecture, Siebel Security

data confidentiality, end-to-end encryption, 2.5.2

data continuity, auditing for, 2.5.4

data visibility, authorization to control, 2.5.3

intrusion, preventing by secure physical deployment, 2.5.5

mobile solutions, security for, 2.5.6

secure system access, user authentication for, 2.5.1

attributes, password storage, 5.8.3

auditing, 2.5.4

authentication

architecture differences between Standard and Developer Web Clients, 5.20

database authentication, 5.4

database authentication, implementing, 5.5

methods, comparison table, 5.2

methods, overview, 5.1

Authentication Method parameter, 5.21.2

authentication options

adapter-defined user name, implementing, 5.14.5

anonymous browsing, implementing, 5.14.6.1

anonymous user, implementing, 5.14.6

checksum validation, 5.14.2

credentials password hashing, 5.15

digital certificate authentication, 6.8

implementing, 5.14.3

password hashing, 5.15

remote configuration, 5.20.2

roles, 5.14.7

secure login, 7.2.1

shared database account, implementing, 5.14.4

user specification source, implementing, 6.9

views, securing, 7.1

auto-login cookie, 7.2.4, 7.3

B

BaseDN parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

business component view mode

about data access, 9.8

manager setting, 9.2.5.2

mode and visibility fields, viewing, 9.8

role in access control, 9.5

single or multiple organization setting, 9.2.7

single-position setting, 9.2.3

suborganization setting, 9.2.8

team setting, 9.2.4

business components

All access control, 9.2.9

control properties, displaying, 9.11

overriding visibility, 9.20.1

self-registration, 8.6.1

self-registration views, 8.6.4

view construction example, 9.12

visibility applet, about, 9.11

visibility applet, role in access control, 9.5

visibility properties, role in access control, 9.5

business environment structure

about and elements (table), 9.3.1

multiple organizations, benefits of, 9.3.1.1

multiple organizations, reasons for, 9.3.1.2

business services

configuring access control, 9.17, 9.18

creating custom, 8.6.4.3

C

CACertFileName parameter, 4.9.1

Cascade button, 9.13

Catalog access control view, 9.11

catalogs

about, 9.1.3

about accessing, 9.1.3

access control strategy, 9.3

access control, types of, 9.2.10

access groups, associating with data, 9.14.4

access-group access control principles, 9.13

administrative tasks, listed, 9.14.1

associating access group and data, 9.14.4.1

categories, role of, 9.1.3

controlling access to categories, 9.13

disassociating access groups, 9.14.4.1

granting access to, 9.2.10

navigating, 9.13.3

properties of, 9.1.3

role in master data, 9.1.3

user experience, about, 9.13.3

D

data confidentiality, end-to-end encryption, 2.5.2

data continuity, auditing, degrees of, 2.5.4

data visibility, authorization to control

about, 2.5.3

access control, record level, 2.5.3.2

access control, view level, 2.5.3.1

intrusion, preventing by secure physical deployment, 2.5.5

data, categorized, 9.13.3, 9.13.3, 9.13.3

database authentication

about, 2.5.1.1

compared to other methods, 5.2

delegated administration, availability of, 8.11.1

implementing, 5.5

limitations of, 5.4.2

overview, 5.4

password hashing, 5.15

process overview, 5.4.1

self-registration, 8.4

database column, encrypted, 4.14

database storage, data confidentiality, 2.5.2

DBO password, changing, 3.5

DBSecAdpt_CRC parameter, about, A.4.3

DBSecAdpt_SecAdptDllName parameter, about, A.4.3

deduplication

about, 8.6.5

deduplication check, disabling, 8.6.5.3

fields, modifying, 8.6.5.2

Default Organization Division records, seed data, B.4

delegated administration

authentication requirements, 8.11.1

delegated administrator responsibility, restricting, 9.7.1

new customers, registering, 8.11.3

partner applications, about, 8.11.4

partner user, registering, 8.11.4

registering users, about, 8.11.3

responsibilities, assigning, 8.11.4

write privileges, user directory, 8.11.1

delegated administrators

about, 8.11

delegated administration, administrator access, 8.11.2

inheritance of responsibilities, 8.10.5

New Responsibility field, editing, 8.10.5

user authentication requirements, 8.11.1

deployment options, LDAP and ADSI adapters, 5.14

Developer Web Client

See Siebel Developer Web Client

digital certificate authentication, 6.2.2, 6.8

digital certificates, installing on UNIX, 4.4.2

E

eapps.cfg file

See configuration file

Employee base and extension tables, illustration, 9.22.4

employee user

active position, changing, 8.12.3.1

contact user, adding new, 8.10.3

defined, 9.22.4

Employee data model, 9.22.4

employee setup, about completing, 8.10.1.1

employee, deactivating, 8.10.1.2

minimum requirements, 8.10.1

new record, adding, 8.10.1

New Responsibility field, population of, 8.10.5

partner user, adding, 8.10.2

position access control, 9.2.2

position, active, 8.12.3

primary position, changing, 8.12.3.2

responsibilities, assigning, 9.7.4

seed data record, B.1

employees, deactivating, 8.10.1.2

Encrypt client Db password parameter, 5.16.1

EncryptApplicationPassword parameter, about, A.4.5

EncryptedPassword parameter, 3.8, A.1.2

encryption

enabling on database table column, 4.14

end-to-end for data confidentiality, 2.5.2

Key Database Manager, using, 4.15

Microsoft Crypto, configuring for, 4.6

Mobile Web client, encryption for synchronization, 4.12

new encryption keys, adding, 4.15.1

RC2 encryption administration, 4.13

RC2 encryption administration, upgrading, 4.13.4

RSA configuring for, 4.6

search encrypted data, 4.14

Siebel Server for TLS encryption, configuring for, 4.8

Siebel Server, configuring Microsoft Crypto or RSA for, 4.6

Siebel Web Server Extension, configuring for TLS encryption, 4.9, 4.9

TLS encryption, configuring Siebel Enterprise or Siebel Server, 4.8, 4.9

types of, 4.1

Unicode support, 4.21

Web client, configuring for, 4.11

Encryption Type parameter, 4.6

Encryption Upgrade Utility

56-bit encryption upgrading, 4.17.4

RC2 encryption, modifying the input file, 4.17.2

RC2 encryption, prerequisites, 4.17.1

EncryptSessionId parameter (eapps.cfg file), 7.3.1.3

EncryptSessionId parameter, about, A.1.2

encryptstring.exe, 3.10, 3.10

eservice.cfg file, LDAP sample, 5.14.7

exporting tab layouts, 9.15.3

external authentication

anonymous user record, 8.2

Developer Web Clients, including, 5.20

password storage requirement, 5.8.3

remote configuration option, about, 5.20

remote security configuration file requirements, 5.20.2

security adapters for, 2.5.1.2

system testing, 5.12.10

testing Web SSO, 6.7.10

F

fields, self-registration

designating as required, 8.6.4.4

locating, 8.6.4.4

required property, removing, 8.6.4.4

files, cookies, 7.3

FindContact method

Forgot Your Password, modifying, 8.8.4

input fields, adding or deleting, 8.8.8

Forgot Your Password? question

architecture, 8.8.3

comparison fields, modifying, 8.8.6, 8.8.7

input fields, adding or deleting, 8.8.8

new password, retrieving, 8.8.1

null fields, processing of, 8.8.5

Query User step parameters, 8.8.4

using link, about, 8.8

workflow process, about modifying, 8.8.4

frame class, 9.20.3

G

Gateway Name Server authentication

overview, 5.18

Group Access control view, 9.11

GUESTCP user ID, 3.2.2, B.2

GUESTCST user ID, 3.2.2, B.2

GUESTPW, 5.12.4

GuestSessionTimeout parameter, about, A.1.2, A.1.2

H

hashing passwords, 5.15

high interactivity client, self-registration, 8.4

Household

administrative tasks, 9.14.2.3

base and extension tables, illustration, 9.22.10

I

IBM HTTP Server, 2.5.1.2

IBM Tivoli Access Manager WebSEAL, disable proxy server, A.2.4, A.2.4, A.4.1

IBM Tivoli Directory Server, 2.5.1.2

importing tab layouts, 9.15.3

industry standards, using, 2.3

Info Center

categorized data, viewing, 9.13.3

Explorer, about, 9.13.3

IntegratedDomainAuth parameter

about, A.1.2

setting for Web SSO, 6.7.6

IntegratedSecurity parameter, 5.20

internal administrator, modifying New Responsibility field, 8.10.5

Internet Assigned Numbers Authority, Private Enterprise Number, 5.8.3

K

Key Database Manager

keyfile password, changing, 4.15.2

new encryption keys, adding, 4.15.1

running, 4.15

key exchange for Microsoft Crypto or RSA encryption, 4.7

keyfile password, changing, 4.15.2

KeyFileName parameter, 4.8.1, 4.9.1

KeyFilePassword parameter, 4.8.1, 4.9.1

L

LDAP adapter

about, 5.12

ApplicationPassword parameter, A.2.2

comparison with ADSI adapter, 5.7.3

configuration file parameter values, table of, 5.12.6

configuration file parameters, usage guidelines, 5.12.8.1

delegated administrator, availability of, 8.11.1

deployment options, 5.14, 5.14

directory records, about, 5.12.4

installation prerequisites, 5.12.1

restarting servers, 5.12.9, 6.7.9

security adapter authentication, 5.7.1, 5.12

security adapter process overview, 5.3.2

Siebel Financial Services, about, C.2.1

Siebel Financial Services, implementing, C.2.2

SsIDatabase parameter, A.2.2

testing, 5.12.10

user records, adding, 5.12.5, 5.12.5

users, creating, 5.12.4

LDAP client software

about installing, 5.9

installing using Siebel Enterprise Server installer, 5.9.2

requirements for installing, 5.9.1

libsscforacleldap.sl file, A.2.2

libsscforacleldap.so file, A.2.2

license agreement, replacing default text, 8.6.4.1

license key, role in view visibility, 9.6

Local Access flag, 9.7.2

account policies, about implementing, 7.2.5

database authentication overview, 5.4

password, storage of, 5.8.3

requirements for views, setting or removing, 8.3.3

additional features, 7.2

password expiration, about and implementing, 7.2.5.1

M

Mainwin

See mwcontrol utility

manager access control, about, 9.2.5

Manager List Mode user property, 9.2.5.1

Manager visibility, 9.2.5, 9.11

manager-subordinate relationship, about, 9.2.5

master data

access control, 9.2.10, 9.3

associating with access group, 9.14.4.1

organization of, 9.1.3

role in access control, 9.1.2

Microsoft Active Directory, 2.5.1.2

Microsoft Crypto encryption

configuring for, 4.6

key exchange, 4.7

Microsoft IIS, 2.5

Microsoft Windows, changing SADMIN password, 3.3

mobile applications

device user authentication, 2.5.6.2

security, about, 2.5.6

wireless communication, secure real time, 2.5.6.1

mobile users

accessible views, 9.7.2

authentication, restriction, 5.1.1

positions and visibility rules, 9.3.3.3

Mobile Web client, encryption for synchronization, 4.12

multiple organizations

access control, 9.2.7

benefits of, 9.3.1.1

reasons for, 9.3.1.2

mwcontrol utility, 4.4.3

N

Name Server parameters, editing, 5.12.9, 6.7.9

New Responsibility field

about, 8.6.1

modifying, 8.10.5, 8.10.5

population of, 8.10.5

Novell NDS eDirectory, 2.5.1.2

null fields, processing of, 8.8.5

O

Oracle iPlanet Web Server, 2.5.4

Oracle LDAP Client

about installing, 5.9

installing on UNIX, 5.10.3

installing on Windows, 5.10.2

installing using Siebel Enterprise Server installer, 5.9.2

requirements for installing, 5.9.1

Oracle Wallet Manager

about, 5.9.1

creating a wallet, 5.10.5

organization access control

about, 9.2.6

active organization and view access, 9.7.1

associating responsibilities, 9.7.1

customizable product visibility, 9.2.7

multiple organization access, identifying views with, 9.2.7

multiple-organization access control, 9.2.7

single and multiple organizations, 9.2.7

single-organization access control, 9.2.7

suborganization access control, 9.2.8

Organization base and extension tables, illustration, 9.22.8

Organization data model, about, 9.22.8

Organization group type, administrative tasks, 9.14.2.2

Organization party type

defined, 9.22.8

divisions, about, 9.22.1

relationship rules, 9.22.1

Organizational visibility, 9.11

organizations

administrative tasks, 9.14.2.2

benefits of, 9.3.1.1

divisions, role of, 9.3.2

multiple organizations, reasons for, 9.3.1.2

positions, changing, 9.3.3.2

setting up (procedure), 9.4.2

setting up, about, 9.3.3

Owner party type, 9.8

Owner Type Position view mode, 9.11

P

parties

See party types

partner applications

delegated administrators, role of, 8.11.4

duplication fields, 8.6.5.2

primary position, changing, 8.12.3.2

responsibilities, assigning, 8.11.4, 9.7.4

self registration, 8.5, 8.6.1

self-registration workflow views, 8.6.3.2

Partner Organization base and extension tables, illustration, 9.22.9

Partner Organization data model, 9.22.9

partner user

adding, 8.10.2

new user, registering, 8.11.4

position access control, 9.2.2

responsibilities, assigning, 8.11.4, 9.7.4

Party base and extension tables, about and diagram, 9.22

Party data model

about, 9.22

Access group data model, 9.22.12

Account data model, 9.22.6

Division data model, 9.22.7

Employee data model, 9.22.4

Household data model, 9.22.10

Organization data model, 9.22.8

Partner Organization data model, 9.22.9

Person (contact) data model, 9.22.2

Position data model, 9.22.5

User data model, 9.22.3

User list data model, 9.22.11

party types

about and table, 9.1.1

access control, categorized master data, 9.2.10

determining user access, 9.8

parties, defined, 9.1.1

relationships among party types, 9.22.1

user lists, adding users, 9.14.2.4

user lists, creating, 9.14.2.4

password

changing default passwords, 3.2

enabling fields for end user to change password, 3.2

encrypt password in configuration file, A.4.5

expiration, about and implementing, 7.2.5.1

failed tasks, checking for, 3.6

Forgot Your Password architecture, 8.8.3

Forgot Your Password link, 8.8

hashing, 5.15

retrieving a new password, 8.8.1

SADMIN, changing on Windows, 3.3

Table Owner (DBO) and password, changing, 3.5

user profile, changing for, 8.12.2

Web server images, adding a password for updating, 3.8

PasswordAttributeType parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

PeerAuth parameter, 4.8.1, A.1.5

PeerCertValidation parameter, 4.8.1, A.1.5, A.1.5

permissions, authentication directory parameter, A.2.2

persistent cookie, 7.3

Person base and extension tables, illustration, 9.22.3

Person data type

contrasted with User, 9.22.3

responsibilities, assigning, 9.7.4

personal access control, 9.2.1, 9.11

Personal visibility, 9.2.1

physical deployment, Siebel Reports access, 5.22

pick applets

special frame class, using for visibility, 9.20.3

visibility, 9.20

Pick List object, setting visibility, 9.20.1

Popup Visibility Type property, 9.20

Port parameter, setting for LDAP or ADSI, 5.12.7.3

PortName parameter, about, 5.11, A.2.2

position access control, about implementing, 9.2.2

Position base and extension tables, illustration, 9.22.5

positions

active position, about, 8.12.3

active position, changing, 8.12.3.1

active position, designating, 9.2.2

administrative tasks, listed, 9.14.2.1

changing within organization, 9.3.3.2

contact users, adding new, 8.10.3

deleting, 9.3.3.3

multiple employees, about, 9.3.3.2

parent-and-child relationships, 9.3.3.3

partner users and delegated administrators, 8.11.4

Position data model, 9.22.5

position hierarchy, 9.2.5

position, defined, 9.2.2

primary position, 9.2.2

primary position, changing, 8.12.3.2

renaming, cautions about, 9.3.3.3

role in employee definition, 9.22.4

setting up (procedure), 9.4.3

setting up, about, 9.3.3.1

primary responsibility, assigning, 9.15.2

Private Enterprise Number, 5.8.3

Private key file name parameter (KeyFileName), 4.8.1

Private key file password parameter (KeyFilePassword), 4.8.1

ProtectedVirtualDirectory parameter

about, A.1.2, A.1.4

not using for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6

proxy employee

about, 9.2.6

seed data positions, B.4

PROXYE user ID, B.1

Q

Query User parameters, 8.8.4

R

RC2 encryption administration

about, 4.13

Key Database Manager, using, 4.15

upgrading, 4.13.4

RC2 encryption, upgrading to

56-bit encryption, upgrading, 4.17.4

input file, modifying, 4.17.2

prerequisites, 4.17.1

referential data, access control strategy, 9.3

registration, troubleshooting user registration issues, 10.2

Remember My User ID feature, 7.2.4

remote authentication, 5.21

remote configuration option

applicable authentication strategies, 5.20.2

external authentication, about implementing, 5.20

implementation guidelines, 5.20.2

REMOTE_USER variable, A.1.2

resources (security references), bibliography of, 2.6

responsibilities

about, 9.3.4

access control, implications of, 9.5

Administrative views, 9.3.4

anonymous user, 8.3.1

assigned by delegated administrator, 8.11.3

assigning, 5.14.7

assigning to employee user, 9.7.4

assigning to Partner, 9.7.4

assigning to Person, 9.7.4

associating with partner organizations, 8.11.4

configuring access to business services, 9.17, 9.18

configuring access to tasks, 9.16

defined, 9.7

defining, 9.4.4

inheritance of, 8.10.5

New Responsibility field, 8.10.5

organizations, associating with, 9.7.1

relation to job function, 9.3.4

responsibility fields and self-registration, 8.6.1

role of, 5.14.7

seed data, about and table, B.3

seed data, modifying, 8.3.1

seed responsibilities, modifying or deleting, 9.3.4

System Preferences view, limiting access, 9.3.4

user, assigning to, 9.7.4

using roles to associate, 5.8.3, 5.14.7

views, accessing locally, 9.7.2

views, seeing included in responsibility, B.3.1

Reverse proxy server, disable, A.2.4, A.2.4, A.4.1

roles

applicable authentication strategies, 5.14.7

assigning, 5.14.7

configuration file setting, 5.14.7

storing in directory, 5.8.3, 5.14.7

RolesAttributeType parameter

about, A.2.2

sample setting, eservice.cfg, 5.14.7

RSA encryption

about, 2.3

configuring for, 4.6

key exchange, 4.7

S

S_BU table, 9.22.8, 9.22.9

S_CONTACT table, 9.22.2, 9.22.2, 9.22.3, 9.22.4

S_EMP_PER table, 9.22.4

S_ORG_EXT table, 9.22.6, 9.22.8

S_ORG_GROUP table, 9.22.10

S_ORG_PRTNR table, 9.22.9

S_PARTY table

about and diagram, 9.22

Access Group data model, 9.22.12

Account data model, 9.22.6

Division data model, 9.22.7

Employee data model, 9.22.4

Household data model, 9.22.10

Organization data model, 9.22.8

Partner Organization data model, 9.22.9

Person (contact) data model, 9.22.2

Position data model, 9.22.5

User data model, 9.22.3

User list data model, 9.22.11

S_PARTY_GROUP table, 9.22.12

S_PARTY_PER table, 9.22.1

S_PARTY_REL table, 9.22.1

S_PER_RESP intersection table, 9.22.3

S_POSTN table, 9.22.4, 9.22.5

S_USER table, 9.22.3, 9.22.4

S_USERLIST table, 9.22.11

SADMIN password

default, 3.2.1

Microsoft Windows, changing on, 3.3

salt user password

about, 5.15, A.2.2

parameter, 5.11

SecAdptDllName parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

SecThickClientExtAuthent system preference, 5.12.8.2

secure adapter communications deployment option, 5.14

secure login

deployment option, 7.2.1

implementing, 7.2.1

Secure Sockets Layer, using with Siebel CRM, 2.7

SecureBrowse parameter, about, A.2.4, A.4.1

SecureLogin parameter

about, A.4.1

setting for Web SSO, 6.7.7

security

architecture, components of, 2.5

industry standards, using, 2.3

overview, 2

security adapter

administrator login requirement, 8.9

ASSI adapter requirements, 5.8.2

comparison of LDAP and ADSI adapters, 5.7.3

deployment options, listed, 5.14

directory requirements, 5.8

external security adapters, about implementing, 5.3

LDAP and ADSI security adapter authentication, 5.7.1

LDAP and ADSI security adapter authentication, implementing, 5.12

operation modes, 5.3.2

overview, 5.3

SharedCredentialsDN parameter, A.2.2

Siebel Developer Web Client, and, 5.20

single application access, 5.7

security adapter authentication

adapter-defined user name, implementing, 5.14.5

administration through Web Client, 8.6.2

anonymous browsing, implementing, 5.14.6.1

anonymous user, implementing, 5.14.6

as authentication service, 5.7.1

benefits, 5.7

checksum validation, 5.14.2

compared to other methods, 5.2

credentials password hashing, 5.15

digital certificate authentication, 6.8

implementing, 5.14.3

password hashing, 5.15

remote configuration option, about, 5.20.2

roles, use of, 5.14.7

set-up, process overview, 5.12

shared database account, implementing, 5.14.4

user specification source, implementing, 6.9

views, securing, 7.1

security references, bibliography of, 2.6

security roadmap, list of tasks, 2.8

security system access, user authentication for

about, 2.5.1

database authentication, 2.5.1.1

external authentication, security adapters for, 2.5.1.2

Web Single Sign-On (SSO), 2.5.1.3

seed data

anonymous user, about, 5.12.5

anonymous user, using, 8.3.1

Default Organization Division records, about, B.4

Employee record, B.1

GUESTCST user, 8.3.1

non-employee User records (table), B.2

position hierarchy, 9.2.5

proxy employee, B.1

Proxy Employee Position, about, B.4

responsibilities seed data chart (table), B.3

responsibilities, modifying, 8.3.1

self-registration workflow processes, revising, 8.6.4.2

Siebel Financial Service, about seed responsibilities and table, C.6.2

Siebel Financial Service, about seed users and table, C.6.1

Siebel Financial Services, registering and administering, C.3.1

user IDs, anonymous users, 8.6.1

workflow processes, about modifying, 8.6.4

self-registration

about, 8.4

activating (procedure), 8.6.3

anonymous user record, modifying, 8.6.1

application-specific examples, 8.5

business components, 8.6.1

components of self-registration, 8.6

configuration parameter, 8.6.2

custom business services, about, 8.6.4.3

deduplication check, disabling, 8.6.5.3

fields, redefining required fields, 8.6.4.4

license agreement, replacing default, 8.6.4.1

registering, user perspective, 8.5

Siebel Financial Services, registering and administering, C.3.3

user deduplication, about, 8.6.5

views, about modifying, 8.6.4

workflow processes, activating, 8.6.3.1

workflow processes, viewing, 8.6.3

self-registration fields

adding fields to a view, 8.6.4.5

automatic population, 8.6.1

class specification, 8.6.4.4

data collection process overview, 8.6.4.5

deduplication fields, modifying, 8.6.5.2

duplicate user updates, preventing, 8.6.5.1

required property, removing, 8.6.4.4

required, designating as, 8.6.4.4

virtual fields, use of, 8.6.4

self-registration workflow processes

data collection overview, 8.6.4.5

deduplication checks, disabling, 8.6.5.3

deduplication fields, modifying, 8.6.5.2

duplicate user updates, preventing, 8.6.5.1

fields, adding to views, 8.6.4.5

new applets, including, 8.6.4.7

seed data, revising, 8.6.4.2

views, table of, 8.6.3.2

ServerName parameter

description, A.2.2

setting for LDAP or ADSI, 5.12.7.3

session cookies

about, 4.11.1

modes on the SWSE, 7.3

SessionTimeout parameter, about, 6.10.1, A.1.2, A.1.2, A.1.3

SessionTimeoutWarning parameter, A.1.1, A.1.2

SessionTracking parameter, 7.3.1

shared database account deployment option, 5.14

shared database account, implementing, 5.14.4

SharedCredentialsDN parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

SharedDBPassword parameter

about, A.2.2

SharedDBUsername parameter

about, A.2.2

Siebel Configuration Wizard, running for SWSE, 4.9.1

Siebel database

contact user, adding new, 8.10.3

employee setup, about completing, 8.10.1.1

employee, deactivating, 8.10.1.2

new employee, adding, 8.10.1

New Responsibility field, population of, 8.10.5

partner user, adding, 8.10.2

position, role of, 8.10

user records, adding, 5.12.5, 6.7.5

Siebel Developer Web Client

compared to Standard Web Client, 5.20

configuration file, A.4

security adapter system preference, 5.12.8.2

Siebel Enterprise security token, 3.8

Siebel Financial Services

access control mechanisms, C.4.1

access-group access control, administering, C.4.2

anonymous browsing, registering and administering, C.3.2

applications (table), C.1

configuration file names, about and table, C.5

eapps.cfg file and eapps_sia.cfg, about and table, C.2.6

external administration of users, C.3.5

internal administration of users, C.3.4

LDAP and ADSI security adapter authentication, C.2.1

LDAP and ADSI security adapter authentication, implementing, C.2.2

seed data, registering and administering, C.3.1

seed responsibilities, about and table, C.6.2

seed users, about and table, C.6.1

self-registration, registering and administering, C.3.3

unregistered users, registering and administering, C.3.2

user profile, about maintaining, C.3.7

Web SSO authentication, implementing, C.2.4

Siebel Gateway Name Server parameters

about and table, A.2

custom security adapter authentication, A.2.3

database authentication, A.2.1, A.2.3

LDAP and ADSI authentication, A.2.2, A.2.3

parameters for Application Object Manager, A.2.4

Siebel QuickStart cookie, 7.3, 7.3.3

Siebel Reports, securing access, 5.22

Siebel Security Adapter Software Developers Kit (SDK), about, 2.5.1.4

Siebel Server

configuration file, A.4

TLS, setting additional name server parameters, 4.8.2

Siebel Web Client, administering security adapter authentication, 8.6.2

Siebel Web Engine, sample configuration parameters, A.1

Siebel Web Server Extension

role in database authentication, 5.4.1

TLS encryption, configuring, 4.9

SiebelAdapterUsername parameter, about, A.2.2

SiebEntSecToken parameter

See Siebel Enterprise security token

single application access, 5.7

single sign-on

See Web SSO

single-organization access control, 9.2.7

single-position access control, 9.2.3, 9.11

SingleSignOn parameter

about, A.1.2, A.2.2

not using for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6, 6.7.7

spoofing attacks, protecting against, A.1.2

sscforacleldap.dll file, A.2.2

sscfsadb.dll file, A.4.3

SsIDatabase parameter, about, A.2.2

SSL, about using with Siebel CRM, 2.7

Standard Encryptor, 4.21.3

standard interactivity, self-registration, 8.4

Standard Web Client and Developer Web Client, compared, 5.20

suborganization access control

about, 9.2.8

accessible data, 9.11

SubUserSpec parameter, about, A.1.2

Sun Java System Directory Server, 2.5.1.2

system preferences, editing, 5.12.8.2

T

tab layouts

administering tab layout, 9.15.1

importing and exporting, 9.15.3

managing through responsibilities, about, 9.15

primary responsibility, assigning, 9.15.2

Table Owner (DBO), changing and password, 3.5

team access control, 9.2.4, 9.11

test user

about, 5.12.4

Siebel database, adding records for, 5.12.5

Web SSO authentication, 6.7.4

testing external authentication system, 5.12.10

TESTPW, 5.12.4

TESTUSER, 5.12.4

TLS communication, about, 2.3

TLS encryption

configuring for, 4.8

Siebel Server, setting additional name server parameters, 4.8.2

SWSE, configuring for, 4.9

token, Siebel Enterprise, 3.8

transaction data, access control strategies, 9.3

troubleshooting

access control issues, 10.3

Administration - Server Configuration screen, unable to work in, 10.1

user registration issues, 10.2

TrustToken parameter

about, A.1.2, A.2.2

not using for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6, 6.7.7

U

Unicode support, 4.21

UNIX, installing certificates, 4.4.2, 4.4.3

unregistered users

anonymous user record, 8.2

granting view access, 8.3

parameter controlling, A.2.4

seed anonymous user, about, 8.3.1

Siebel Financial Services, registering and administering, C.3.2

views, setting or removing explicit login, 8.3.3

UseAdapterUsername parameter, A.2.2

User

contrasted with Employee, 9.22.4

defined, 9.22.3

responsibilities, assigning, 9.7.4

User data model, 9.22.3

user administration

delegated administrators, 8.11

Siebel database, adding user to, 8.10

user profile, maintaining, 8.12

user authentication

See authentication

User business component, underlying tables, 8.10

user credentials, source designation parameter, A.1.2

User data model, 9.22.3

user deduplication, about, 8.6.5

user directory

self-registration parameter, 8.6.2

write privileges, 8.9, 8.11.1

User List base and extension tables, illustration, 9.22.11

User list data model, about and diagram, 9.22.11

User lists

creating, 9.14.2.4

users, adding, 9.14.2.4

user profile

about updating, 8.12

active position, changing, 8.12.3

passwords, changing, 8.12.2

personal information, editing, 8.12.1

user records

adding to Siebel database, 5.12.5

data collection, process overview, 8.6.4.5

seed data, provides as (table), B.2

user registration

registering, about, 8.1

requirements, 8.1.1

seed data, 8.1.2

troubleshooting issues, 10.2

User Registration business component

comparison fields, modifying, 8.8.7

deduplication fields, excluding, 8.6.5.1

deduplication fields, modifying, 8.6.5.2

Forgot Your Password architecture, 8.8.3

new applets, 8.6.4.7

Query User step parameters, 8.8.4

self-registration views, 8.6.4

User Registration business service, 8.8.4

User specification source

about, 6.2.2

implementing, 6.9

UseRemoteConfig parameter, 5.20.2, A.4.2

UserNameAttributeType parameter

about, A.2.2

setting for LDAP or ADSI, 5.12.7.3

users, Siebel database, adding to, 8.10

UserSpec parameter

about, A.1.2

not using for LDAP or ADSI, 5.12.6

setting for Web SSO, 6.7.6

UserSpecSource parameter

about, A.1.2

not using for LDAP or ADSI, 5.12.6, 5.12.6

setting for Web SSO, 6.7.6

V

Validate peer certificate parameter (PeerCertValidation), 4.8.1

view access, unregistered users, 8.3

views

adding fields, 8.6.4.5

displaying view properties, 9.11

explicit login requirements, setting or removing, 8.3.3

group access control, 9.11

license key and visibility, 9.6

limiting access to, 9.3.4

new applets, including, 8.6.4.7

responsibility, role in access, 9.7

securing, 7.1

self-registration views, related business components, 8.6.4

self-registration workflow views, table of, 8.6.3.2

view construction, example, 9.12

view, defined, 9.1

virtual directories

creating, 6.7.3.3

ProtectedVirtualDirectory parameter, A.1.2, A.1.4

virtual fields, self-registration process, 8.6.4

visibility

All, 9.11

Manager, 9.2.5

Personal, 9.2.1

positions, role of, 9.3.3.1

responsibilities, role of, 9.3.4

view visibility properties, 9.5

visibility applet

access control, types of, 9.11

business component and view connection, 9.5

field display, role in, 9.11

view construction example, 9.12

Visibility Applet Type property, 9.21.1

Visibility Auto All property, using, 9.20.2

Visibility Type property, 9.20.1, 9.21.2

W

wallet, creating, 5.10.5

Web browser, security settings for, 2.5.7

Web Client users, authentication compatibility, 5.1.1

Web client, configuring encryption for, 4.11

Web server images, adding a password for updating, 3.8

Web servers

IBM HTTP Server, 2.5.1.2

Microsoft IIS, 2.5

Oracle iPlanet Web Server, 2.5.4

Web SSO

about, 2.5.1.3

anonymous browsing, implementing, 5.14.6.1

anonymous user, implementing, 5.14.6

checksum validation, 5.14.2

credentials password hashing, 5.15

digital certificate authentication, 6.8

implementing, 5.14.3

shared database account, implementing, 5.14.4

Siebel Financial Services, implementing, C.2.4

user credential source designation, A.1.2, A.1.2

user specification source, implementing, 6.9

views, securing, 7.1

virtual directory, A.1.2, A.1.4

Web SSO adapter

adapter-defined user name, implementing, 5.14.5

ApplicationUser parameter, A.2.2

BaseDN parameter, A.2.2

CredentialsAttributeType parameter, A.2.2

deployment options, listed, 5.14

PasswordAttributeType parameter, A.2.2

PortName parameter, 5.11, A.2.2

remote configuration option, about, 5.20.2

roles, use of, 5.14.7

RolesAttributeType parameter, A.2.2

SecAdptDllName parameter, A.2.2

security adapter process overview, 5.3.2

SingleSignOn parameter, A.2.2

SsIDatabase parameter, A.2.2

TrustToken parameter, A.2.2

UserNameAttributeType parameter, A.2.2

Web SSO authentication

about, 6.1

authentication process, overview, 6.3

compared to other methods, 5.2

digital certificate authentication, 6.2.2

implementation considerations, 6.1.1

implementation, about, 6.2

remote authentication, 5.21

self-registration, 8.4

setup scenario, 6.7.1

user specification source option, 6.2.2

Web SSO, setup scenario

Active Directory server, setting up, 6.7.2

Active Directory Service Interfaces server, password assignment, 6.7.2

Active Directory Service Interfaces, configuring as directory, 6.7.2

creating users in the directory, 6.7.4

sample configuration, 6.7.1

setup tasks, 6.7

testing, 6.7.10

user records, adding to Siebel database, 6.7.5

virtual directories, creating, 6.7.3.3

Windows

ADSI client requirement, 5.8.5

SADMIN password, changing, 3.3

Windows Integrated Authentication, A.1.2

wireless communications, secure real time, 2.5.6.1

workflow processes

activating (procedure), 8.6.3

custom business services, about, 8.6.4.3

license agreement text, replacing, 8.6.4.1

revising, 8.6.4.2

seed data, revising, 8.6.4.2

seed processes, about modifying, 8.6.4

self-registration workflow views, table of, 8.6.3.2

self-registration, activating processes, 8.6.3.1

viewing, 8.6.3

X

X.500 Object ID, 5.8.3

X.509 authentication, 2.3