I recently have been doing some work with TAM ESSO. Pretty cool product from Passlogix. The idea is that if you have many applications that users have to remember names and passwords for both client/server, web apps and even terminal applications you can use TAM ESSO to manage the user credentials for each of those apps. When you login to Windows, you must also login to TAM ESSO. TAM will detect when you attempt to access an application that requires a name and password and will login for your so that you are not prompted. Administrators can build templates for all the corporate apps and deploy these templates on an Active Directory Server. AD group membership can then be used to control who has access to which templates.
One of the problems I encountered early this week was in trying to deploy the TAM ESSO client stand alone while including the templates for applications in the stand alone client. The documentation is not very clear on a lot of things including this one so I figured I would go ahead and mention what I had to do.
First I had created templates for 3 applications (Web, Client/Server, and Terminal). Next, you need to click on Global Agent Settings and if you haven't already done so, Import from Live HKLM. Next, open the End-User Experience -> Environment key and select the check box for Location of entlist.ini file. Specify the path to the file including the file name. The default is:
C:\Program Files\Passlogix\v-GO SSO\Plugin\LogonMgr\entlist.ini
There are numerous settings that can be controlled here so make any other settings you desire to be packaged in the distributions MSI.
Next, to create the MSI click Tools -> Generate Customized MSI. Complete the fields similar to the following screen shot:
The BASE MSI file should be stored in the location where you extracted the TAM ESSO binaries. You can store your target MSI where you prefer. Obviously if you want applications templates to be included in the MSI then you will want to add the ones necessary for your purposes. The one part that I was not aware of until working with some other TAM folks was the Global Agent Settings. This must be done in order for the application template show up in the client agent. Once you click OK, your distribution MSI is complete.
This is definitely not one of the more complex areas of working with TAM ESSO, but it was a bit annoying when the documentation did not seem to spend much time on a stand-alone implementation. For folks who just simply want to try it out to get an idea how it works, there will not necessarily be an AD server or even ADAM for that matter.h