Authentication against Lotus notes engine

Hello All,
I have a requirement to develop an application to authenticate the user against the Lotus notes Engine.... which I think is the LDAP.
Any pointers to more information will be very helpful...
Thanks and Regards
Pradeep Bhojak

I don't think it is possible to use ACS with Lotus notes for user authentication. These are the external databases supported with ACS.
a) Windows User Database
b) Generic Lightweight Directory Access Protocol (LDAP)
c) Novell NetWare Directory Services (NDS) when used with Generic LDAP
d) LEAP Proxy Remote Authentication Dial-In User Service (RADIUS) servers
e) Token servers
f) Open Database Connectivity (ODBC)-compliant relational databases (ACS for Windows)

Similar Messages

  • ACS Authentication against Lotus Notes

    Hi Team, is it possible to authenticate Users via ACS against Lotus Notes, similar to MS AD? Regards, Michael

    I don't think it is possible to use ACS with Lotus notes for user authentication. These are the external databases supported with ACS.
    a) Windows User Database
    b) Generic Lightweight Directory Access Protocol (LDAP)
    c) Novell NetWare Directory Services (NDS) when used with Generic LDAP
    d) LEAP Proxy Remote Authentication Dial-In User Service (RADIUS) servers
    e) Token servers
    f) Open Database Connectivity (ODBC)-compliant relational databases (ACS for Windows)

  • Cannot perform authentication in Lotus notes portlets

    Hello again,
    I have managed to setup an external application for Lotus Notes portlet for
    9.0.2.0.1 AS. By clicking the login button I can access my Lotus Domino mail!
    However, when I registered the Lotus Notes Provider (its test page runs fine),
    associated its authentication model with my ext. app, and then tried to access the
    portlets I keep getting messages about "user authentication failed".
    Actually my log file reads:
    11/29/02 1:17 PM webapp1: oracle.webdb.provider.v2.adapter.SOAPServlet: init
    11/29/02 1:17 PM webapp1: NumberFormatException while initializing Logger. Defaulting LogLevel to 4
    11/29/02 1:17 PM webapp1: ServletLogger - Logging level: 4
    11/29/02 1:17 PM webapp1: [id=(null), instance=(null)] CONFIGURATION: Invalid or null value for property - executionWarningTimeout = null - setting to default value of 20 seconds
    11/29/02 1:17 PM webapp1: [id=(null), instance=(null)] CONFIGURATION: Invalid or null value for property - executionKillTimeout = null - setting to default value of 80 seconds
    11/29/02 1:17 PM webapp1: [id=(null), instance=(null)] Unhandled exception in SOAP call
    oracle.webdb.provider.v2.utils.soap.SOAPException: Error: Failed to authenticate user with external application
         at oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter.initSession(Unknown Source)
         at oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter.initSession(Unknown Source)
         at java.lang.reflect.Method.invoke(Native Method)
         at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.doMethodCall(Unknown Source)
         at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.processInternal(Unknown Source)
         at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.process(Unknown Source)
         at oracle.webdb.provider.v2.adapter.SOAPServlet.doSOAPCall(Unknown Source)
         at oracle.webdb.provider.v2.adapter.SOAPServlet.service(Unknown Source)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:59)
         at oracle.security.jazn.oc4j.JAZNFilter.doFilter(JAZNFilter.java:283)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:523)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:269)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:735)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.AJPRequestHandler.run(AJPRequestHandler.java:151)
         at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java:64)
    Is there any issue with the fact that I installed the latest PDK (November 02)? Its test
    page also appears without problems.
    Thanking you in advance,
    Serafeim.

    This may be happening because the configured Lotus Notes External Application does not have the Lotus Domino Username, Password and MailFilename entries. Please click on the "Update Login Information" link and supply these values. You should be able to see the Lotus Notes portlets now.
    Thanks,
    Geeta

  • Cisco Phone Control and Presence 8.6.1.1185 with IBM Lotus Notes 8.5.2 (Integrated Sametime Client 8.0.2) - No presence status visible

    Hi community,
    I am trying to integrate Cisco Unified Presence 8.6.1.10000-34 with IBM Lotus Notes 8.5.2 with the integrated Sametime Client version 8.0.2 via the Cisco Plugins 8.6.1.1185.
    Phone control is working fine, whereas the presence status is not shown (= no handset symbol next to the Sametime user). When I look in the preferences of the plugin, I can see that the plugin has connected successfully to the CUCM (8.6.2.20000-2), whereas the connection to the CUPS has not been established.
    The user id as well as the password are all the same on all systems. Here is a description of what I have configured via the ciscocfg.exe tool:
    Feature Control:
    - Enable Phone Status -> checked
    - Enable Dial Using Cisco IP Communicator -> unchecked (not required)
    - Enable Control Desk Phone -> checked
    - Default Mode -> Control Desk Phone
    Control Desk Phone Settings:
    - Voicemail Pilot Number -> left blank (no voicemail)
    - Cisco Unified Communications Manager
         - Servers -> IP address of CUCM
         - Read Only -> unchecked
         - Use as Default CUCM -> checked
         - Synchronize Credentials -> checked
              - Use Sametime Credentials -> checked
    Use Secure Connection: -> not required
    LDAP Phone Attributes: -> not required
    Phone Status Settings:
    - Cisco Unified Presence Servers -> IP address of CUPS
    - Read Only -> unchecked
    - Synchronize Credentials -> checked
         - Use Sametime Credentials -> checked
    - Sametime User ID Mapping
         - Use Business Card Attribute -> MailAddress
         - Remove Domain -> checked
    - Display Off-Hook Status Only -> unchecked
    At the moment I don't see an error in the configuration, but maybe I am wrong. Could anyone please tell me what the error could be?
    Thanks a lot in advance!
    Kind regards,
    Igor

    Hi all,
    here are some additions to my above post:
    Servers and clients used:
    1x CUCM 8.6.2.20000-2
    1x CUPS 8.6.1.10000-34
    1x IBM Lotus Domino Messaging Express Server 8.5.2
    1x Sametime Entry Server 8.5.2 (on top of the Domino server)
    2x IBM Lotus Notes 8.5.2 with integrated Sametime 8.0.2
    2x Cisco Phone Control and Presence with Lotus Sametime (PCAP) 8.6.1.1185
    2x Cisco Unified Personal Communicator 8.5.5.19839
    Setup:
    - CUCM, CUPS and CUPC are working fine, i.e. Desk Phone control via CUPC, as well as availability and presence status are working without issues
    - IBM Lotus Domino server is the LDAP Directory, the Sametime Entry Server is installed on top of the Domino server and uses the Domino Directory
    - User ID and password on CUCM/CUPS match the ShortName field and password in Domino
    - The PCAP plug-in has been manually deployed to both Notes clients with the following configuration:
         - Enable Phone Status -> active
         - Desk Phone Control -> active
         - no credential synchronization for CUCM and CUPS, i.e. every user must fill the user details himself
         - Sametime User ID Mapping is implemented via the LDAP Attribute uid (which is equal to the user id in CUCM)
         - LDAP configuration filled in with details of the Domino server
    Phone Control is working fine, also the connection to the LDAP server (Domino) is fine. However, when I type in the credentials for the CUPS server login, I can see (in Troubleshooting pane) that the user (pparker) is connected to the CUPS server for a short period of time and then gets disconnected. After that no connection is possible to the CUPS server, i.e. status is always disconnected.
    I have collected the Tomcat (EPASSoap00010.log and security00010.log) logs via RTMT and compared them to the logs from the PCAP plugin. The relevant time period is from 15:14 to 15:17. In the Tomcat logs I can see that the authentication is successful (see attached files), however in the log of PCAP plugin I can see the following messages:
    2012/02/03 15:14:35.281 WARNUNG Credential is rejected. Nothing to retry ::class.method=com.cisco.sametime.phonestatus.cup.CUPPresenceWatcher.answerChallenge() ::thread=CT_CALLBACK.1 ::loggername=com.cisco.sametime.phonestatus.cup
    2012/02/03 15:14:35.281 WARNUNG #### Connection rejected presence server ::class.method=com.cisco.sametime.phonestatus.cup.CUPPresenceWatcher.onPresenceServerConnectionRejected() ::thread=CT_CALLBACK.1 ::loggername=com.cisco.sametime.phonestatus.cup
    2012/02/03 15:14:35.281 WARNUNG Credential is rejected. Nothing to retry ::class.method=com.cisco.sametime.phonestatus.cup.CUPPresenceWatcher.answerChallenge() ::thread=CT_CALLBACK.2 ::loggername=com.cisco.sametime.phonestatus.cup
    2012/02/03 15:14:35.281 WARNUNG #### Connection rejected presence server ::class.method=com.cisco.sametime.phonestatus.cup.CUPPresenceWatcher.onPresenceServerConnectionRejected() ::thread=CT_CALLBACK.2 ::loggername=com.cisco.sametime.phonestatus.cup
    I don't understand why the connection is rejected although the Sametime Internal ID and CUPS User ID match. Does anyone know what the issue could be?
    All posts are very much appreciated!
    Thanks a lot in advance!
    Kind regards,
    Igor

  • Sending an email from Lotus Notes release 5.0.4a

    I need to write java code for sending an email from Lotus Notes release 5.0.4a.
    Initially, I tried using Lotus Domino Toolkit for java, but the current release, "Lotus Domino ToolKit for Java/Corba release 5.0.8" is not compatible with the notes client/server we are using (5.0.4a).
    Now, I am trying to use "Lotus Domino Toolkit 2.1" which supports notes version 5.0.3 and higher, but I could not find out how to use it to send email.
    Is there any other way in which we can connect to Lotus Notes for sending email? I cannot use SMTP as the Lotus Notes administrator is afraid of security issues, so there is no possibility that I can connect to Domino server using java mail API by enabling SMTP on the Domino server.
    I would be thankful if somebody can help me to do this.

    First off - This is very "off topic"
    The Domino SMTP server is not hard to lock down. Any Notes Admin worth his/her salt should know how to do it. Try to persuade them to run the SMTP stuff using name and password authentication only, or restrict access to an IP address range. This is all easy stuff.
    Otherwise DIIOP/CORBA is one way to go. If your toolkit jar files don't work with the server then try using the ones on the server. Look in %noteshome%\data\domino\java for the ncso.jar file.
    This works for me on an AS/400 java VM to WinNT/Linux Domino servers of various versions.
    How to create an email using this method is again not difficult. All you really need is a blank database template. You have to create a document with certain fields in it (all documented) and then save it. That's all there is to it.
    Word of warning DIIOP is not very rapid and careless coding can create problems. Ensure that once you have finished a session you make sure you close it else you will have continual connection problems.
    Try searching around the domino/notes groups on how to actually do this.
    SH

  • Ubuntu Karmic authentication against Snow leopard open directory server

    Hi,
    I'm looking for help. I've tried to configure an installation of Karmic to authenticate against our office's open directory server running on an osx snow leopard server. Currently `getent password` shows all users including those from the open directory server when running the command as both root and normal users. However authentication against the open directory users fails with the following messages in the /var/log/auth.log:-
    Dec 7 22:42:05 [hostname] getent: nss_ldap: failed to bind to LDAP server ldap://server.domain.com: Invalid credentials
    Dec 7 22:42:05 [hostname] getent: nss_ldap: could not search LDAP server - Server is unavailable
    (I've changed the hostname and ldap url)
    /etc/ldap.conf has:-
    base dc=server,dc=domain,dc=com
    ldap_version 3
    rootbinddn cn=diradmin,dc=server,dc=domain,dc=com
    bind_policy soft
    pam_password md5
    /etc/ldap.secret is set to the password of the diradmin user and has a permission mask of 600
    /etc/pam.d/common-passwd :-
    password sufficient pam_ldap.so md5
    password required pam_unix.so nullok obscure md5
    password optional pam_smbpass.so nullok use_authtok try_first_pass missingok
    /etc/pam.d/common-auth:-
    auth [success=2 default=ignore] pam_unix.so nullok_secure
    auth [success=1 default=ignore] pam_ldap.so use_first_pass
    auth requisite pam_deny.so
    auth required pam_permit.so
    /etc/pam.d/common-account:-
    account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
    account [success=1 default=ignore] pam_ldap.so
    account requisite pam_deny.so
    account required pam_permit.so
    /etc/pam.d/common-session
    session [default=1] pam_permit.so
    session requisite pam_deny.so
    session required pam_permit.so
    session required pam_unix.so
    session optional pam_ldap.so
    session optional pam_ck_connector.so nox11
    Does anyone have any ideas where to go from here?
    Message was edited by: zebardy

    Hi
    It's easy enough to 'connect' any version of OS X Server to any other version of OS X Server. Use the Join button in the Users & Groups Preferences Pane. Alternatively use the Directory Utility itself.
    You seem to be misunderstanding what an Open Directory Master and Replica are? They are not what I think you think they are. They are not a 'back-up' of each other if you're providing more than the shared Directory Service.
    An OD Replica maintains a read-only copy of the LDAP Database (Usernames, Passwords and Policies etc) that's stored on the OD Master and nothing more. If the Master was to go offline for any reason the Replica can be quickly promoted to a Master Role and continue to provide information for the shared directory. This assumes it has easy and quick access to the Volume storing networked home folders? The LDAP Database in that case would then become writable. Later on and whenever you've fixed the problem with the old Master it can quickly be demoted and made a Replica of the now new Master.
    Although this is for 10.6 Server (it is nevertheless still applicable) everything you need to know about Master and Replica relationships is here:
    http://manuals.info.apple.com/en_US/OpenDirAdmin_v10.6.pdf
    Page 55 onwards.
    From Page 64:
    "The Open Directory master and its replicas must use the same version of Mac OS X Server. . ."
    If your OD Master is also providing Mail, Calendar and Contact Services then none of these will be replicated. You will have to maintain a backup of these databases yourself using whatever method you deem fit for your needs.
    HTH?
    Tony

  • Lotus Notes connector: Error while crawling LOB contents

    Hi all,
    I am trying to configure Lotus Notes connector on SP search. We have successfully followed the Randy Rempel's blog on
    test environment. No problem to search lotus notes content.
    In production environment, we've followed the same procedure but we are facing the following problem. During the full crawl, the below error is thrown
    Error while crawling LOB contents. ( Error caused by exception: Microsoft.BusinessData.Infrastructure.BdcException The shim execution failed unexpectedly - Exception has been thrown by
    the target of an invocation..: System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail] An unexpected error occurred in the Lotus Notes protocol handler while processing the URL
    We have forced Lotus Notes Connector to be more verbose, without success.
    Any help will be appreciated
    David

    Reset the index and re-crawl. That usually clears it.
    If you are using NTLM authentication, then make sure that you specified the PassThrough authentication for crawling.
    Probably you need to debug the BDC code that underlies the external content types.
    Can you check the permission that you have set for the Lotus Notes Domino databases? Was the content access account added to the local administrator group?
    If this helped you resolve your issue, please mark it Answered

  • ISE 1.2 - 24492 Machine authentication against AD has failed

    Currently experiencing a machine authentication problem between ISE 1.2 patch 2 and a customer AD installation.
    AuthZ policy is set to match against /Users/Domain Computers and /Users Domain Users.  User authentication works, machine auth doesn't.
    Machine authentication box is ticked.
    If you try to disable an AD machine, or try a machine not in the domain you get the appropriate different response in the ISE logs which suggests it has the right access into AD to check this info.
    This happens on all computers, both WinXP and Win7 corporate builds.
    I know it's not an ISE policy configuration as I have resorted to testing the same ISE against a vanilla lab AD environment with the same AD domain name (just by changing the DNS servers ISE uses) and the computer lookup works!
    Anybody got any ideas?
    thanks.

    24492
    External-Active-Directory
    Machine authentication against Active Directory has failed
    Machine authentication against Active Directory has failed.
    Error
    Please check NTP is in sync or not ISE

  • ISE internal user authentication failure - user not found

    Hi Forumers,
    I am trying to do wireless 802.1x, where identity store using internal user.
    But I found this error message when I am trying to connect
    Authentication failed:
    22056 Subject not found in the applicable identity store(s)
    My authorization rules are built like this
    identity groups = user identities group / " mygroup"
    condition = no setting
    permissions = standard / PermitAccess
    Question 1
    Any troubleshooting step to do on this?
    Question 2
    For the Authorization rules, what's the condition should set for using Internal User as Identity store?
    Thanks
    Noel

    The error is caused by an authentication failure and is not an issue with authorization.
    You need to look at your authentications policy (Policy->Authentications) and see which identity store was authenticated against.
    In addition you can use the Live Authentications page (Monitor->Authentications) and for the failing record click on the icon under details. This will give you the full details of the request processing and you can see which rule was matched in the identity policy (Identity Policy Matched Rule) and "Selected Identity Stores".

  • Remote Data Source Settings for Lotus Notes CWS

    I have installed the Crawler Web Service for Lotus Notes on a box separate from the machine hosting Portal Server. After that I did all the migrations successfully at the portal side as mentioned in installation guide. But while configuring Remote Data Source, in Authentication Page, I am not getting an edit box to specify the User ID file. It just has an edit box to specify password.
    It's taking the last user id that was used in the Notes Client on that machine, or more specifically the KeyFilename setting in the Notes.ini file.
    How can I set the User ID File (to be considered)?
    Moreover there is an error
    An error occurred while validating the remote XUI service. Verify the Web Service settings, including the SOAP Encoding Style.
    Can anybody provide pointers on configuring the Remote Data Source for Lotus Notes database
    Thanks in Advance

    Hi,
    I would check this with the Lotus Notes guys. If the mail is OK in SOST, then SAP is delivering the mail correctly. There is something wrong with the Lotus Notes client itself. I have seen this same problem and I have also witnessed the HTML email crash the whole Lotus client. (This led to a situation that it was just easier to send the plain text emails.)
    Regards,
    Karri

  • Lotus Notes connectivity in WebDynpro for Java

    Hi,
    in case we want to implement some content stored in a Lotus Notes database. For example a simple corporate phonelist. What are our options to get these data represented in our portal if we don't want to use the standard "Notes DB web-enabled" output.
    Is it possible to develop for example a WebDynpro for Java application which connects via JCo(??) to Notes, greps the data there and interacts with it so that we can use the standard portal UI-Elements?
    Do you know where to find some specified information for that issue?
    Thanks and best regards
    Markus Armbruster

    Hello Markus,
    I already tested several options for connecting Web Dynpro to Lotus Notes/Domino. You may use Java technology (IIOP) or web technology (simple HTTP/XML or HTTP/SOAP).
    In order to use IIOP, simply include NSCO.jar in the lib path of your SAP J2EE engine instances. Then you are able to use the classes stubs for NotesFactory(), NotesSession() etc. within WD.
    if you use HTTP then connect using web services. The data is then transferred e.g. via XML or DXL.
    I have some samples running in case you need more information I can send you the source.
    Regards
    Michael

  • Authentication against users in a table

    I am somewhat familiar with JAZN authentication but here is what I need to do and would GREATLY appreciate as much details as you can provide:
    Say, I have a table USERS(USER_ID, NAME, ...) and several other tables in the DB. Let's say I have another table ADDRESS(ID, USER_ID, ADDRESS, ...). Several things needs to be done:
    1. When user attempts to access a Input Form page to add new record in ADDRESS, a login screen should appear. I KNOW how to do this with either basic or form based authentication. However in this case user credentials will be stored using jazn tool.
    2. Since I need USER_ID to be passed to my Input Form page I believe that I cannot use jazn for this, but rather to authenticate against my USERS table. How?
    3. In this case (authentication against my USERS table) where are the passwords kept?
    4. Also in this case, is it possible to provide several levels of access, ie all to managers, some to data enter people etc.
    We are new to Oracle and JDev so any help is appreciated. The more the better...
    Cheers!
    Rade

    Here is what I did and it does not work:
    I have 'login.uix' page with username and password entries:
    <form name="form0" method="post">
      <contents>
       <pageLayout>
        <pageButtons>
         <pageButtonBar>
          <contents>
           <submitButton text="Sign In" event="verifySignin"/>
           <submitButton text="Login" event="login"/>
          </contents>
         </pageButtonBar>
        </pageButtons>
       <contents>
      <tableLayout>
       <contents>
        <rowLayout>
         <contents>
          <messageTextInput name="username" prompt="Enter Name"/>
         </contents>
        </rowLayout>
        <rowLayout>
         <contents>
          <messageTextInput name="password" prompt="Enter Password" secret="true"/>
         </contents>
        </rowLayout>
       </contents>
       </tableLayout>
      </contents>
      </pageLayout>
    </contents>
    </form>
    ...Then in its Action class I have:
    public void onLogin(DataActionContext ctx)
    {
        //ctx.getBindingContainer();
        HttpServletRequest r = ctx.getHttpServletRequest();
        String userName = r.getParameter("username");
        String password = r.getParameter("password");
        // username and password required (getParameter returns null when the field is absent)
        if (userName == null || password == null
            || userName.length()==0 || password.length()==0)
        {
          ctx.setActionForward("loginFailed");
          return;
        }
        try
        {
          // Get handle to Application Module that "carries" Staff View
          DCDataControl dc = ctx.getBindingContext().findDataControl("AppModuleDataControl");
          ApplicationModule am = dc.getApplicationModule();
          // find the Staff view object that holds username and password
          ViewObject vo = am.findViewObject("StaffView1");
          //find user
          Row[] userRow = vo.getRowSet().getFilteredRows("StaffId",userName.toUpperCase());
          System.out.println(" I never get here!?!?!!!!!");
        }
        catch (Exception ex)
        {
          //Set Main Error Page here
          System.out.println(ex.toString());
          ctx.setActionForward("loginFailed");
          return;
        }
    }
    Seems like Row[] userRow = vo.getRowSet().getFilteredRows("StaffId",userName.toUpperCase());
    is not properly executed?!?
    Anybody know what the problem is??? This is based on Frank's code sample that I found on forum.

  • Oracle 10g Reports Server - problem authenticating against DB

    I have a problem with Oracle 10g Reports server authenticating against an Oracle RDBMS.
    When I try to run reports, an authentication form screen is presented, with the password field empty (the URL in explorer that loads this page contains the username and DB instance, but is missing the password) and the following error message:
    REP-51018: Need database user authentication
    When the password is entered into the empty field in the form and submitted, another 2 authentication errors are given.
    REP-51018: Need database user authentication
    REP-12545: java.sql.SQLException: ORA-12545: Connect failed because target host or object does not exist
    When the URL in the browser location field is manually altered to include the DB password, the reports are authenticated fine.
    Any ideas which config file I should be looking in?
    Any pointers would, of course, be much appreciated.
    thanks,
    Brian

    Hello, I have finally discovered what was happening; it has to do with the way FreeBSD passes the password field. By default FreeBSD passes the password field with a '*' while Oracle Linux (and Red Hat clones) expect an 'x' to look into shadow maps (Linux uses the '*' character in the password file to not allow login to that user).
    To solve it the password field served by the NIS server must be substituted, which is accomplished with nsswitch.conf and adding a line to the /etc/password file on the NIS Client, so the final files will look this way:
    # nsswitch.conf (compat directive allows us to use the '+' syntax in /etc/passwd file)
    passwd: files compat
    # /etc/passwd (just add at the end of file)
    +:x:::::
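What the `+:x:::::` line changes on the NIS client, as an added sketch that is not part of the original post: it models the compat rule that non-empty fields of a `+` line replace the matching fields of entries served by NIS, then classifies the resulting password field as the post describes ('x' means look in shadow, '*' means no login). The sample entries and function names are constructed, and limiting the override to the password, GECOS, home and shell fields is an assumption of this sketch.

```python
FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")
# Fields a '+' line may override (assumption of this sketch; uid/gid are kept).
OVERRIDABLE = ("passwd", "gecos", "home", "shell")


def parse_passwd_line(line):
    """Split one passwd(5) line into its seven colon-separated fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected 7 colon-separated fields: {line!r}")
    return dict(zip(FIELDS, parts))


def compat_view(local_lines, nis_lines):
    """Return {name: entry} as a client using compat lookups would see it.

    local_lines: lines of the client's /etc/passwd (may contain a '+' line).
    nis_lines:   entries served by the NIS server's passwd map.
    """
    nis_entries = [parse_passwd_line(line) for line in nis_lines]
    view = {}
    for line in local_lines:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        entry = parse_passwd_line(line)
        if entry["name"] == "+":
            # Pull in every NIS user, overriding with non-empty '+' fields.
            for nis_entry in nis_entries:
                merged = dict(nis_entry)
                for field in OVERRIDABLE:
                    if entry[field]:
                        merged[field] = entry[field]
                view.setdefault(merged["name"], merged)
        elif entry["name"].startswith(("+", "-")):
            continue  # +user / -user / netgroup forms are not modelled here
        else:
            view.setdefault(entry["name"], entry)  # first match wins
    return view


def password_source(entry):
    """Classify where the login stack will look for this user's hash."""
    field = entry["passwd"]
    if field == "x":
        return "shadow"        # hash is looked up in the shadow database
    if field.startswith(("*", "!")):
        return "locked"        # no hash can match: login is refused
    if field == "":
        return "no-password"   # worth flagging in any audit
    return "inline-hash"       # hash exposed in the world-readable map


def audit(local_lines, nis_lines):
    """Map each visible user to the source of its password hash."""
    return {name: password_source(e)
            for name, e in compat_view(local_lines, nis_lines).items()}


# Constructed sample data: a FreeBSD-style NIS entry with '*' in the field.
NIS_MAP = ["alice:*:1001:1001:Alice Example:/home/alice:/bin/sh"]
LOCAL_BEFORE = ["root:x:0:0:root:/root:/bin/bash", "+::::::"]
LOCAL_AFTER = ["root:x:0:0:root:/root:/bin/bash", "+:x:::::"]

if __name__ == "__main__":
    print("before:", audit(LOCAL_BEFORE, NIS_MAP))
    print("after: ", audit(LOCAL_AFTER, NIS_MAP))
```

Once the field reads 'x', the user's hash has to be resolvable through the `shadow` database configured in nsswitch.conf, otherwise the login still fails.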

  • Anyone got ACS SE 4.2.1 authenticating against server 2008 R2 via LDAP?

    Hi, I'm working on a new network implementation where the customer has ACS SE and wants to use AD for machine based authentication of wired 802.1x clients.
    As the support for 2008 R2 server (64-bit OS used here) using remote agent is not yet released they are attempting to set this up using an LDAP connection. The final goal is to use certificate based authentication, and I have had a message indicating this authentication type may not work due to an issue with binary comparison, so we started with basic username/password accounts first.
    So far the ACS is populating its external user database fields with the domains setup on AD, but user authentication is failing.
    Briefly we started with basic username/password using MD5-CHAP on XP to an account configured on ACS, that worked fine. Then set up the external user database to use an LDAP connection to AD, and an unknown user policy, this doesn't work. It looks like the issue could be to do with the LDAP attributes not being set correctly.
    Has anyone used LDAP as an authentication mechanism against 2008 R2 based AD and got it working?

    Aacole,
    The above error message says that your external database that is LDAP doesn't support EAP-MD5 and that is quite true.
    You may check the below listed link for protocol and database compatibility.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/Overvw.html#wp824733
    Since you are using LDAP, it only supports EAP-GTC.
    Do let me know if you need any further suggestions.
    Regds,
    JK
    Do rate helpful posts-
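Why an LDAP back end can serve EAP-GTC but not EAP-MD5, as an added example that is not from the original thread or from Cisco: EAP-MD5 uses the CHAP computation MD5(identifier || secret || challenge), so the verifier must hold the cleartext secret, while an LDAP bind only lets the AAA server present a password for the directory to check. The `Directory` class, the salted-SHA-1 storage format and the sample user are constructed assumptions.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def chap_md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """EAP-MD5 reuses CHAP (RFC 1994): MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def ssha(password: bytes, salt: bytes) -> str:
    """Salted SHA-1 userPassword value, a common LDAP storage format."""
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


class Directory:
    """Constructed stand-in for an LDAP server: it keeps only salted hashes
    and offers one operation, bind(dn, password) -> success or failure."""

    def __init__(self) -> None:
        self._entries = {}

    def add_user(self, dn: str, password: bytes) -> None:
        self._entries[dn] = ssha(password, os.urandom(8))

    def bind(self, dn: str, password: bytes) -> bool:
        stored = self._entries.get(dn)
        if stored is None or not password:
            # An empty password would be an unauthenticated bind: refuse it.
            return False
        raw = base64.b64decode(stored[len("{SSHA}"):])
        digest, salt = raw[:20], raw[20:]
        candidate = hashlib.sha1(password + salt).digest()
        return hmac.compare_digest(candidate, digest)


def verify_eap_gtc(directory: Directory, dn: str, typed_password: bytes) -> bool:
    """EAP-GTC gives the AAA server the password itself, so the server can
    forward it to the directory in a bind."""
    return directory.bind(dn, typed_password)


def verify_eap_md5(cleartext_secret: Optional[bytes], identifier: int,
                   challenge: bytes, response: bytes) -> Optional[bool]:
    """EAP-MD5 gives the AAA server only a hash over the secret. With no
    cleartext secret available (None) the expected value cannot be computed,
    so the method is unusable and None is returned."""
    if cleartext_secret is None:
        return None
    expected = chap_md5_response(identifier, cleartext_secret, challenge)
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    dn = "uid=jdoe,o=example"                  # constructed sample user
    password = b"constructed-sample-password"  # constructed sample secret
    directory = Directory()
    directory.add_user(dn, password)

    challenge = os.urandom(16)
    response = chap_md5_response(7, password, challenge)  # sent by the client

    return {
        # Password forwarded to the directory: works with an LDAP store.
        "gtc_via_ldap_bind": verify_eap_gtc(directory, dn, password),
        "gtc_wrong_password": verify_eap_gtc(directory, dn, b"wrong"),
        # Internal user store that holds the cleartext secret: works.
        "md5_with_local_cleartext": verify_eap_md5(password, 7, challenge, response),
        # LDAP store: only bind() is available, no secret to hash.
        "md5_with_ldap_only": verify_eap_md5(None, 7, challenge, response),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```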

  • Lotus Notes & LDAP with EP 7

    Hello All,
    We are planning to integrate Lotus Notes with EP 7.0. I would like to know if Lotus Notes is an LDAP or do we need a separate LDAP Server.
    We are also planning to use Windows based authentication for the Portal, do we need to have an LDAP or can we use the Lotus Notes as an LDAP Server as well, I would appreciate any help or suggestions you can offer.
    Please do let me know if Lotus Domino is an LDAP Server as well.
    Best Wishes,
    John.

    Hello John,
    for windows integrated authentication you simply configure the SPNego LoginModule which comes with the NetWeaver product UME.
    SPNego can technically work together with different user stores such as Microsoft AD, Novell eDirectory, ABAP user store and others. It is also technically feasible to connect Lotus LDAP functionality to the NetWeaver UME on project base.
    Summarizing: technically it can work but it requires consultancy / project work since this configuration is not covered by the standard.
    If you need more information or assistance please contact me.
    Regards
    Michael
