FM for checking Windows Authentication

Hi All,
Is there any function module / class / method  etc available for checking windows based authentication?
My purpose is to call such FM (If available) from a web based interface as RFC,
Kindly advise.
Thanks in advance.
Regards
Vipin

hi,
there is no function module is there specifically for checking the windows.u have to create u r wone FM for that.
with regards,
M.SRikanth

Similar Messages

  • How to configure Axis stubs for Integrated Windows Authentication ?

    Hi All,
    I am trying to consume a web service on https and it uses .NET with Integrated Windows Authentication Security Mechanism. When I type the web service endpoint address in browser I am prompted for a login dialog and I login using username (in the format <domain name>\\<username>) and password given by the web service provider.
    Now I have generated stubs using AXIS 1.2 Final but I dont know how to pass or set the credentials (domain, username, password) in my client program. I tried <stub object>.setUsername and <stub object>.setPassword methods but I am not able to connect to the service and I always get HTTP Error Code 401.2 from the service. I am not sure this is right way to set credentials in my code. I tried searching this mailing list but no avail. Can anyone please help me.
    Thanks & Regards,
    Kr.

    Hello all - I ran into this and spent way too much time looking for the answer, however this is how I got it to work. My code was specific to getting SSRS authenication working so it should work with any NTLM authenciation via HTTP. setAuthenticateProperty() actually does the enabling of NTLM.
    * Sets up the needed information to enable NTLM authentication for SOAP/HTTP calls..
    * @author Brian Hayes
    public class NTLMAuthenticator {
        private Authenticator authenticator;
        private String username;
        private String password;
        private String domain;
        private String host;
        private URL wsdlurl;
         * Uses the endpoint.getHost() as the host name to use for authentication.
         * <li> Generally the endpoint host is the target for actual authenciation.
         * <br>
         * @param endpoint -
         *            The URL location of SSRS ReportExecution2005 wsdl.
         * @param username -
         *            User name needed for NTLM authentication.
         * @param password -
         *            Password needed for NTLM authentication.
         * @param domain -
         *            Domain for the user needed for NTLM authentication.
        public NTLMAuthenticator( URL wsdlurl, String username, String password, String domain ) {
            this.wsdlurl = wsdlurl;
            this.host = wsdlurl.getHost();
            this.username = username;
            this.password = password;
            this.domain = domain;
            this.authenticator = null;     
         * Instruct our NTLM authenticator to use setPreemptiveAuthentication or not. Default is true;
         * @return - true or false
        protected boolean usePreemptiveAuthentication(){
            return true;
         * The {@link Authenticator} is used to setup NTLM authentication to a webservice stub/client. <br>
         * Example:<br>
         * If you extended a Stub object, you would call getClient() or your Stub object.<br>
         * Then super._getServiceClient().getOptions().setProperty(HTTPConstants.AUTHENTICATE, getAuthenticator());<br>
         * <li>This should work with any URL/Soap call but it has only been tested with axis2 stubs.
         * <li> This also used PreemptiveAuthentication.
         * @return - {@link Authenticator} object populated.
        public Authenticator getAuthenticator() {
            if (this.authenticator == null) {
                this.authenticator = new Authenticator();
            List<String> auth = new ArrayList<String>();
            auth.add(Authenticator.NTLM);
            authenticator.setAuthSchemes(auth);
            authenticator.setUsername(this.getUsername());
            authenticator.setPassword(this.getPassword());
            authenticator.setDomain(this.getDomain());
            authenticator.setHost(this.getHost());
            authenticator.setPreemptiveAuthentication(this.usePreemptiveAuthentication());
            return authenticator;
        public void setAuthenticator( Authenticator authenticator ) {
            this.authenticator = authenticator;
        public String getUsername() {
            return username;
        public void setUsername( String username ) {
            this.username = username;
        public String getPassword() {
            return password;
        public void setPassword( String password ) {
            this.password = password;
        public String getDomain() {
            return domain;
        public void setDomain( String domain ) {
            this.domain = domain;
        public String getHost() {
            return host;
        public void setHost( String host ) {
            this.host = host;
        public URL getWsdlurl() {
            return wsdlurl;
        public void setWsdlurl( URL wsdlurl ) {
            this.wsdlurl = wsdlurl;
    * NTML Support for webservices where our webservice is protected via NTLM.
    * @author Brian Hayes
    public class NTLMReportExecutionServiceStub extends ReportExecutionServiceStub {
        private NTLMAuthenticator endpointAuthenticator;
         * Enables NTML authentication to our SSRS reports by setting the property via setAuthenticeProperty();
         * @param authenticator
         * @throws AxisFault
        public NTLMReportExecutionServiceStub( NTLMAuthenticator endpointauthenticator ) throws AxisFault {
            this(endpointauthenticator.getWsdlurl().toString());
            this.endpointAuthenticator = endpointauthenticator;
            this.setAuthenticeProperty();
        private void setAuthenticeProperty(){
            super._getServiceClient().getOptions().setProperty(HTTPConstants.AUTHENTICATE, this.getEndpointAuthenticator().getAuthenticator());
        public NTLMAuthenticator getEndpointAuthenticator() {
            return endpointAuthenticator;
        public void setEndpointAuthenticator( NTLMAuthenticator endpointAuthenticator ) {
            this.endpointAuthenticator = endpointAuthenticator;
         * Overrides the default URL location.
         * @param wsdlurl
         * @throws AxisFault
        private NTLMReportExecutionServiceStub( String wsdlurl ) throws AxisFault {
            super(wsdlurl);
    }

  • Scripts for checking Windows Production Servers Disk Space

    Hi Friends,
    I am looking for some simple scripts (DOS Based or which can be run in restrictive env)by which I can get the Servers Disk Space statistics when I run it from my local machine. My L1 team members are responsible for verifying Disk Space primarily C and D:
    everyday and they send status of the same by logging onto each and every servers. If I can get some simple scripts which can be run easily, that would be really helpful. 
    Thanx in Advance. 
    Keep Rocking :)
    Saurabh

    Hi,
    You may want to check this script out from the TechNet Gallery. 
    http://gallery.technet.microsoft.com/PowerShell-Script-to-fa8305ea
    Cheers.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Milton Goh
    MCSE, MCSA, MCITP, MOF, ITIL, AIIM SharePoint Specialist
    Blog |
    Twitter

  • IIS windows authentication on leopard

    I am a mac lover working in a windows world. I just upgraded to leopard 10.5.2 and most everything is working great. The only thing I am having problems with now is logging into some of our internal websites. For example Microsoft share point. Our share point site runs of in IIS set up for Integrated windows authentication. The login window shows up like it should but i can't log in. I also have a MacBook running 10.4.11 with the beta version of Safari. It works fin on 10.4.11 but not on 10.5.2? has anyone else seen this?

    Have you tried filling in the Domain in the username field? Prepend the username with the domain name and then a '\'
    i.e. DOMAINNAME\loginname
    And then use the password as normal.
    If you have multiple domains in the office (and your MAC isn't bound to the domain) then the domain server may not know where to find your login details.
    You also may need to submit the details several times as the page may have separate sections all of which demand their own authentication, so don't be surprised if you have to fill it in a few times the first time you visit the page.

  • Getting SPWeb.CurrentUser as null with Windows Authentication (AD), when configured for Claims Authentication

    Hi All,
    We recently migrated to SP 2013 from SP 2010. We are using most of the OOB features, with a few custom code. We have implemented a custom ASP.NET Membership Provider that authenticates against a web service. This was working fine on SP 2010.
    The entire code base was migrated to SP 2013 (with .net fw 4.5, etc) and any issues Compile / Runtime were fixed. However, we are stuck at one bug, which seems to be occuring only while trying to login with Windows Authentication. When a user tries to login
    with Forms Authentication, the error is never noticed.
    Scenrio: Login as Windows Authentiction.
    Result: The user is signed into the system and is authenticated against the AD. For random page loads - it throws access denied (even though he is a site collection admin). While attaching a debugger, we found that, at times the SPWeb.CurrentUser is null (weird).
    At the same time, the HttpContext.Current.Request.IsAuthenticated returns true. Which means the User is Authenticated, but not available in the SPWeb.CurrentUser object. 
    Attached are couple of ULS Logs that we found. The line which says IsAuthenticated=True, UserIdentityName=, ClaimsCount=0 is a little disturbing. Can you please let me know what is happening here? I am not able to access the root site (http://win2012d2:1234/)
    however, i am able to access (http://win2012d2:1234/SitePages/Home.aspx) just fine, without any issues.
    Please note, this error is only when the user is logged into sharepoint as a windows user. The forms user faces no such issues.
    ULS Logs:
    Name=Request (GET:http://win2012d2:1234/)
    Non-OAuth request. IsAuthenticated=True, UserIdentityName=, ClaimsCount=0
    Application error when access /, Error=Exception of type 'System.ArgumentException' was thrown.  Parameter name: encodedValue  
     at Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromLoginName(String loginName)    
     at Microsoft.SharePoint.ApplicationRuntime.SPHeaderManager.AddIsapiHeaders(HttpContext context, String encodedUrl, NameValueCollection headers)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PreRequestExecuteAppHandler(Object oSender, EventArgs ea)    
     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    Getting Error Message for Exception System.ArgumentException: Exception of type 'System.ArgumentException' was thrown.  Parameter name: encodedValue    
     at Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromLoginName(String loginName)    
     at Microsoft.SharePoint.ApplicationRuntime.SPHeaderManager.AddIsapiHeaders(HttpContext context, String encodedUrl, NameValueCollection headers)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PreRequestExecuteAppHandler(Object oSender, EventArgs ea)    
     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    [Forced due to logging gap, Original Level: Verbose] Looking up {0} site {1} in the farm {2} 
    Unknown SPRequest error occurred. More information: 0x80070005
    SPRequest.GetPageListId: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://win2012d2:1234/
    System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace:   
     at Microsoft.SharePoint.SPContext.get_ListId()    
     at Microsoft.SharePoint.SPContext.get_List()    
     at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e)    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest()    
     at System.Web.UI.Page.ProcessRequest(HttpContext context)    
     at System.Web.HttpServerUtility.ExecuteInternal(IHttpHandler handler, TextWriter writer, Boolean preserveForm, Boolean setPreviousPage, VirtualPath path, VirtualPath filePath, String physPath, Exception error, String queryStringOverride)    
     at System.Web.HttpServerUtility.Execute(String path, TextWriter writer, Boolean preserveForm)    
     at System.Web.HttpServerUtility.Transfer(String path)    
     at Microsoft.SharePoint.Utilities.SPUtility.TransferToErrorPage(String message, String linkText, String linkUrl)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorHandler(HttpApplication app, Boolean errorIsOnErrorPage)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)    
     at System.EventHandler.Invoke(Object sender, EventArgs e)    
     at System.Web.HttpApplication.RaiseOnError()    
     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)    
     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)    
     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
    SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://win2012d2:1234/
    System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace:   
     at Microsoft.SharePoint.SPWeb.InitWeb()    
     at Microsoft.SharePoint.SPWeb.get_WebTemplateConfiguration()    
     at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e)    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest()    
     at System.Web.UI.Page.ProcessRequest(HttpContext context)    
     at System.Web.HttpServerUtility.ExecuteInternal(IHttpHandler handler, TextWriter writer, Boolean preserveForm, Boolean setPreviousPage, VirtualPath path, VirtualPath filePath, String physPath, Exception error, String queryStringOverride)    
     at System.Web.HttpServerUtility.Execute(String path, TextWriter writer, Boolean preserveForm)    
     at System.Web.HttpServerUtility.Transfer(String path)    
     at Microsoft.SharePoint.Utilities.SPUtility.TransferToErrorPage(String message, String linkText, String linkUrl)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorHandler(HttpApplication app, Boolean errorIsOnErrorPage)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)    
     at System.EventHandler.Invoke(Object sender, EventArgs e)    
     at System.Web.HttpApplication.RaiseOnError()    
     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)    
     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)    
     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

    Hi Mohamed,
    According to your description, my understanding is that the error occurred when users login with Windows Authentication.
    From the error message, I recommend to check if the anonymous access is enabled for the web application.
    And please also make sure that the users all are available and have permission to access the site.
    Here is a similar thread for you to take a look:
    http://social.technet.microsoft.com/Forums/en-US/28623bdc-a2f0-4876-9be4-9a764f106366/getting-spwebcurrentuser-as-null-with-windows-authentication-ad-when-configured-for-claims?forum=sharepointdevelopment
    Best regards.
    Thanks
    Victoria Xia
    TechNet Community Support

  • AD FS Token issuance endpoints for Windows authentication fail to open

    Hi,
    I have had issue with AD FS and after turning tracing on, I realized that the AD FS endpoints to issue token based on windows authentication were all failing with an error like:
    A WS-Trust endpoint that was configured could not be opened. 
    Additional Data 
    Address: https://adfsvm.dub01.local/adfs/services/trust/13/windowstransport 
    Mode:    WindowsTransport 
    Error: 
    MSIS0006: A Service Principal Name is not registered for the AD FS service account. 
    I have tried to register an SPN for the AD FS service using the following command (I have found the AD FS Service Name in the Federation Service Properties as in the screenshot hereunder) but it fails with the following error.
    setspn -a host/ADFSVM.dub01.local DUB01\ADFSService
    Checking domain DC=dub01,DC=local
    CN=ADFSVM,CN=Computers,DC=dub01,DC=local
            WSMAN/ADFSVM
            WSMAN/ADFSVM.dub01.local
            TERMSRV/ADFSVM
            TERMSRV/ADFSVM.dub01.local
            RestrictedKrbHost/ADFSVM
            HOST/ADFSVM
            RestrictedKrbHost/ADFSVM.dub01.local
            HOST/ADFSVM.dub01.local
    Duplicate SPN found, aborting operation!
    Now I have come to realise that the Federation Service name is the same as the computer name but:
    I dont know if that is an issue
    I don't recall having been offered to give a particular name when installing AD FS
    This is the first time I install AD FS. Is there anyone who could give me a pointer?
    Thanks.
    Francois

    the ADFS federation service FQDN should NOT be the same as the hostname. You will run into Kerberos issues because of duplicate SPNs as you have found
    https://jorgequestforknowledge.wordpress.com/2013/09/06/duplicate-spn-breaks-trust-between-clientserver-and-active-directory/
    When installing ADFS you should specify a federation service FQDN and a service account. When using the GUI to install ADFS, (if I'm not mistaken) the federation service FQDN is derived from the selected cert in the GUI. If that cert had a subject name being
    the hostname, you get this scenario. Instead, install an SSL cert, a token signing cert and a token encryption cert BEFORE the installation and use powershell to install/configure ADFS as it gives you more control.
    As an example see (ADFS v2):
    https://jorgequestforknowledge.wordpress.com/2012/05/08/installing-and-configuring-adfs-v2-as-an-sts-server-part-1/
    https://jorgequestforknowledge.wordpress.com/2012/05/09/installing-and-configuring-adfs-v2-as-an-sts-server-part-2/
    https://jorgequestforknowledge.wordpress.com/2012/05/10/installing-and-configuring-adfs-v2-as-an-sts-server-part-3/
    Install-ADFSFarm
    https://technet.microsoft.com/en-us/library/dn479416.aspx
    Cheers,
    Jorge de Almeida Pinto
    Principal Consultant | MVP Directory Services | IAM Technologies
    COMMUNITY...:
    DISCLAIMER: This post is provided "AS IS" with no warranties of any kind, either expressed or implied, and confers no rights! Always evaluate/test yourself before using/implementing this!

  • ACS SE setup for windows authentication

    Dear All,
    I'm trying to install an ACS Solution Engine in My network for access control (AAA). I succeed in setting up authentication using the internal database and that works fine. Now My boss want users to be authenticated through an external database (windows AD). I tried achieving this but kept getting different errors.(like EAP-TLS or PEAP authentication failed during SSL handshake) or (Authen session timed out: Challenge not provided by client).
    Please I need someone who has done this setup successfully before to give Me a step by step procedure on how I can setup ACS SE for windows authentication using My domain windows authentication.
    Thanks

    Dear All,I'm
    trying to install an ACS Solution Engine in My network for access
    control (AAA). I succeed in setting up authentication using the
    internal database and that works fine. Now My boss want users to be
    authenticated through an external database (windows AD). I tried
    achieving this but kept getting different errors.(like EAP-TLS or PEAP
    authentication failed during SSL handshake) or (Authen session timed
    out: Challenge not provided by client).Please
    I need someone who has done this setup successfully before to give Me a
    step by step procedure on how I can setup ACS SE for windows
    authentication using My domain windows authentication.Thanks
    Hi,
    Check out the belwo link on your query,Hope that help !!
    https://supportforums.cisco.com/docs/DOC-5542
    If helpful do rate
    Ganesh.H

  • SharePoint 2013 and Windows authentication (integrated) or SharePoint user for report data source

    Hello,
    I am having issues creating report datasource in "Windows authentication (integrated) or SharePoint user" in SharePoint 2013. I followed the steps mentioned in the link http://blogs.msdn.com/b/psssql/archive/2014/04/28/sharepoint-adventures-using-claims-with-reporting-services.aspx.
    I am just stuck in the delegation piece here. I have a SSAS instance by name "XXXXAPPV01\Multidimensional". First thing is what is the procedure to set SPN for this instance? I need to add this service in the delegation tab so that C2WTS service
    configured correctly.
    Nothing but I should be able to access my SSAS 2012 cube from SSRS 2012 by "Windows authentication (integrated) or SharePoint user" as the authentication method.
    Palash

    I used the below command to set SPN for analysis services.
    setspn -S MSOLAPSvc.3/XXXXAPPV01APPV01.xxxxdmo.local:Multidimensional xxxxdmo\svcMyService
    After setting the SPN for this service account I added this account(xxxxdmo\svcMyService) in the delegation tab of my domain account created earlier for claim service (xxxxdmo\svcC2WTS). Now in service type it shows -> MSOLAPSvc.3, User or Computer it shows
    -> XXXXAPPV01APPV01.xxxxdmo.local and in Port it shows -> Multidimensional. This is in my svcC2WTS account delegation tab. Still I am not able to connect datasource by "Windows authentication(integrated) or SharePoint User". I am getting the
    same error "Cannot convert claims identity to windows token".
    I am not sure what am I missing in this configuration piece yet to get this working.
    Palash

  • UDF in Checks for payment window

    hi
    plaease tell me how i can add udf in Checks for payment window.
    thanks & regards
    manoj

    Hi Manoj,
            Unfortunitely you cannot create UDF in Checks for Payments..................
    Regards,

  • JDBC driver for SQL Server 2000 with windows authentication

    Does anyone know of a JDBC driver for SQL Server 2000 that supports Windows Authentication, that is that a username and password does not need to be supplied when connecting to the database.

    You can use the JDBC-ODBC-Bridge.
    ODBC provides windows-authentication.
    Hope it helps.
    Freddy

  • IIsProxy version for windows authentication

    We are in the process of installing windows authentication to our EP 6.0 portal. We are running on SP 11 J2EE with portal SP 11 patch 3. 
    The first question I have in document “Using Header variables or Integrated Windows Authentication” section “Installing the IIsProxy module” says for security reasons we need to install version 1.7.0.0. Was this version released, we cannot find it on the service market place?
    My second question, when we use version IISPROXY16_2-10001433.SAR the authentication mechanism works fine to the portal but I cannot navigate within the portal, it looks like the screen get stuck on the first Iview no matter what role you choose. When we use version IISPROXY15_0-10001969.SAR things work fine. I increased the trace while using IISProxy 16.2 but there were no errors in the logs. We would like to be on the latest version. Any idea what might be the problem?
    Thanks for your help,
    Mike Fasheh

    Hi folks !
    I have made this configuration a couple of times without problems (other iisproxy version), but for some reason this time is not working and Im totally desesperated =(
    Scenario:
    - 1st server, win 2003, iis 6.0: Iisproxy 1.6.2 installed, it forwards the requests correctly
    - 2st. server, ibm with aix, sap ep 6.0 sp12. Configurations made for NT authentication.
    The problem:
    For some reason the virtual directories defined in IisProxy.xml file are not taking the IIS Security Settings (Integrated Windows Authenticated). The iisproxy is just forwarding the request, but the IIS is not making the NT authentication.
    If I change the name of the virtual directory in the IisProxy.xml file (put any name). In this case, IIS applies the security settings correctly.
    Any clue about this ?
    Thanks a lot for your help !!!!!!
    Regards from Mexico,
    Diego

  • Windows authentication for SQL 2005 DB connect

    Hi all,
    I'm trying to create a DB connect
    in the connection parameters when I mention a user name and password who is created as a SQL authentication then it is working fine.
    but in my connection parameters if I mention a user name password who have a Windows authentication in the SQL 2005 which we are trying to connect then it gives an error. It is not connecting .
    Can you please tell me how can we connect using a windows authentication.
    Mey

    Solution to solve the actual issue :
    For the SAP system to use standard default NT authentication
    Please refer to this link: http://help.sap.com/saphelp_nw04s/helpdata/en/9c/d736b880c34f76b507bac7751a0474/content.htm
    1.       Database login:
    SQL Server login with System Administrator privileges, that is this login should be member of the sysadmin fixed server role on the target SQL Server. If such a login does not exist, you have to create it on the target SQL Server. The SAP multi-connect mechanism allows both integrated security logins and the use of SQL Server authentication. For security reasons, we highly recommend to use integrated security (Windows authentication). If you use Windows security, leave this field empty.
    2.     &#61601;        Password / Re-enter password :
    If you have decided to use integrated security, leave these fields empty. Otherwise enter the password of the SQL Server login.
    The above pointer was used to solve the login issue but we still had issues in getting the schema visible in SAP BW. As the user ID was left blank we were not able to get the schema view for the <blank> user.
    Note to be applied to solve the Schema issue :
    note 1091929 : &#61664; Link
    so now you can enter the schema to be used in DS creaton screen.

  • Prerequisites for Using Windows NTLM Authentication

    Hi,
    One of the prerequisites for using Windows NTLM Authentication, mentioned on help.sap.com documentation, is:
    - The user’s Web browser must be a Microsoft Internet Explorer
    This means that users not using Internet Explorer can’t authenticate using other web browser (Firefox and Netscape).
    In PAM, SAP says that web browser based on mozzila 1.7.x is also supported, and from this version on, Firefox and Netscape, both, support NTLM.
    NTLM Authentication in portal, still be supported with IE web browser?
    Thanks and Regards,
    Paul

    Hi Paul,
    I suspect that although it may not be officially supported, it will work.  The main thing is that a frontend web server perform the NTLM authentication and pass the header variable back to the J2EE engine.  By the time the header gets back to the J2EE engine, I dont think the portal has any idea how the header REMOTE_USER was generated, just that it was.
    Not positive though, as I havent tested the scenario you describe below..just thought I'd throw in my two cents.
    Marty

  • Safari for Windows will not log into IIS sites with Windows Authentication

    Safari for Windows will not log into IIS sites with Windows Authentication enabled. The IIS log has thousands of login attempts from Safari that result in 401 errors.
    I disable Windows Authentication on IIS and it works fine. The problem with that is that my Windows clients stop working properly with seemless logins when I disable this.
    The expected behavior is that Safari will work with basic authentication when NTLM does not work. That would result in a password prompt followed by a successful login instead of Safari stopping at "Loading" while hammering the IIS logs.
    It does this on all machines that I have tried.
    Any ideas or is this a bug?

    I noticed that as well. I have to wonder if it's due to not making note of the the different end of line characters between Mac OS X and Windows in code.

  • What is windows authentication for SAP?

    Hi All,
        Could you please expalin me on what is windows authentication and why do SAP need it ?
    I hav got a message from BASIS consultant saying that SAP/ PM accounts needs windows authentication nad we need to mail him for that....what did he mean and what happens if we dont?
    Thank you,
    Regards.

    read in the net..

Maybe you are looking for

  • SYNC no longer in System Pref

    PHD worked for a time but now Sync is no longer found in System Preferences and the home icons on the tool bar at the top are gone. Workgroup Manager setup checks out OK; all other users with PHDs work just fine. Sync seems to be only from Network Ho

  • Converting  .chm files to pdf files using robohelp

    Can we convert .chm files to pdf files using robohelp plz? any help regarding this would be appreciated. kohsa

  • FLAC vs Apple Lossless file sizes

    I've been looking into moving up to lossless audio files. From what I've been able to discover, FLAC and Apple Lossless should be roughly the same file size, but I downloaded a 24-bit/44.1kHz FLAC from the Bowers & Wilkins site (about half-way down t

  • 20:00 until full charge?

    I bought a battery from eBay about a month ago and it has worked great. Today, I was using my MacBook and it said 20:00 until full charge and was stuck at 68-69% charge according to the MacBook. I have taken out the battery and reinstalled it and hav

  • How to connect from Worshop to Oracle 9.2

    From Weblogic worshop I am trying to connect to Oracle 9.2.I would like to know what should be my correct entries for the Driver and URL. I tried choosing weblogic.jdbc.oci.driver. I get an exception Invalid username/password. It is also possible tha