Appendix E: Passport Manager Administration (Windows Server 2003)
Updated: July 31, 2004
Applies To: Windows Server 2003 with SP1
The following appendix provides information about:
The benefits and purposes of Passport Manager Administration
Using Passport Manager Administration in a managed environment
Resources for learning about Passport Manager Administration
Benefits and Purposes of Passport Manager Administration
Passport Manager Administration is a utility designed for use on Web sites on which you want to use Microsoft .NET Passport for authentication. In Microsoft Server 2003 family operating systems, Passport Manager Administration provides a graphical-interface alternative to editing the registry to change Passport Manager object settings. The most common use of the Passport Manager Administration utility is to change the default object settings that Passport Manager methods use if certain optional parameters are omitted when the methods are called.
Although some parameters of Microsoft .NET Passport methods are listed as optional, these methods still generate URLs or results that reflect inherent default values when called. These default parameter values can be used to provide consistent values for your Web site, such as the required time window within which all users must be authenticated.
Primary default object settings that affect Passport Manager implementation include: Time Window, Force Login, and Language ID.
Using Passport Manager Administration in a Managed Environment
To ensure that cookies are deleted when users sign out of a Web site, make sure the following conditions are met:
The Site ID value in Passport Manager Administration should be the value given to you when you received your Passport encryption key.
The path and file name of the page to which cookies are written (specified in Passport Manager Administration) should match the ExpireCookieURL provided when you registered your site. Also, if cookies are written to a page in a subdomain of your own domain, you should precede the domain path with a dot (".").
The path to the page where cookies are written should be the root directory of the Web site. This ensures that cookies written to all possible paths are deleted. If this is not done, not all the cookies may be deleted.
If your site uses multiple servers with Passport Manager installed on them, you should verify that all of the servers are writing the cookies to the same domain and path.
You can find additional information about Passport Manager Administration at these sites:
For more information about .NET Passport and how to download it, see the SDK documentation on the MSDN Web site at:
The Help file for Passport Manager Administration utility provides detailed information about configuring settings for this utility. You can find this Help file at: