SOURCE: PistolStar, Inc.

November 06, 2007 11:58 ET

PistolStar Enables Lotus Sametime Single Sign-On Via Kerberos

PistolStar's Password Power Plug-In for Lotus Sametime Single Sign-On (SSO) Via Kerberos, the Latest of Its Solutions Incorporating the Kerberos Network Authentication Protocol, Eliminates Need to Manage a Separate Password for Lotus Sametime Connect

AMHERST, NH--(Marketwire - November 6, 2007) - PistolStar, Inc., an authority in password management integrating Microsoft Active Directory, today introduces the Password Power Plug-In for Lotus Sametime Single Sign-On via Kerberos. This new addition to PistolStar's framework of authentication plug-ins is also the latest of its solutions incorporating the Kerberos network authentication protocol. PistolStar recently introduced the Password Power Plug-In for Lotus Domino Single Sign-On via Kerberos.

The Plug-In for Lotus Sametime Single Sign-On via Kerberos enables users launching Sametime Connect to achieve single sign-on (SSO) using the Kerberos network authentication protocol to Active Directory. Administrators remove the need to manage a separate password for Sametime Connect and enhance overall password security. No passwords are sent over the network and the user and server are mutually authenticated.

"In IBM Lotus shops, users typically have passwords for accessing Microsoft Windows, Active Directory, Lotus Domino applications and Sametime Connect, which makes the password management process extremely complex for administrators," states Gregg Browinski, chief technology officer, PistolStar, Inc. "The Plug-In for Lotus Sametime Single Sign-On via Kerberos offers the security of Kerberos authentication while allowing users to logon one time and then access Sametime Connect without further prompting for a username and password. This authentication approach does not require saving the user's Active Directory password anywhere, so password resets are seamless."

Originally developed at and used by the Massachusetts Institute of Technology (MIT), Kerberos has become the foundation for authentication in Windows operating systems since Microsoft implemented it as the default authentication mechanism in Windows 2000. Kerberos requires connectivity to a central Key Distribution Center (KDC), which, in Windows, is any Microsoft Active Directory domain controller.

Users of the Sametime SSO/Kerberos Plug-In authenticate to the KDC (Active Directory), requesting an encrypted session ticket for the Sametime server they wish to use. Only the server and the KDC can decrypt the session ticket to get the user's authentication information. The server trusts the credentials in the session ticket because it knows the ticket could only be created by the KDC and thus recognizes the user must have been authenticated by the KDC in order to receive the ticket.

Kerberos authentication enables end-users on Windows 2000, XP and Vista to just logon to a Windows domain at the start of their workday, as it provides further integration with Windows and Active Directory. Therefore, when the end-user wants to access a server for which they use Kerberos authentication, their Sametime Connect retrieves the session ticket from the KDC and sends it to the Sametime server automatically.

For more information on the Kerberos authentication protocol, go to:

To provide a complete single sign-on solution for Sametime, PistolStar also offers the Lotus Domino Single Sign-On (SSO) Plug-In, which enables single sign-on to Sametime Web meetings (screen sharing, whiteboards, etc.).

System Requirements

Included in Password Power 8, the Plug-In for Lotus Sametime Single Sign-On via Kerberos supports Microsoft Windows Vista, XP, and 2000 client machines, Windows 2000 and 2003 Active Directory as KDC, and Lotus Sametime 6.5 and higher.

About PistolStar, Inc.

PistolStar, Inc., an authority in password management and Microsoft Active Directory integration, provides solutions that meet the challenges of securing the global enterprise. PistolStar's products mitigate technology issues by creating elegant, simple, and efficient solutions to customers' complex problems.

PistolStar serves customers in a variety of industries, such as pharmaceuticals, finance/banking, energy and healthcare, focusing on Global 2000 organizations that have intricate security requirements. To learn more, visit the PistolStar website at

Contact Information