Jabber 9.2.6 CWMS 1.5 Sigle Sign-on LDAP

Similar Messages

• SAP R/3 ERP 6.0, BI and BO on Sigle Sign On

  Hi Experts,
  We have implemented SAP R/3 ERP 6.0, BI and BO with Crystal Reports.
  Is it possiable configure Single Sign On for the above servers with sigle point of login.
  Using NWBC we can connect single inteerface but is it possiable with SSO.
  Our SAP user must be able to access crystal reports from SAP menu, SAP user NEED NOT to enter another user ID and pwd while accessing Crystal report. His one time SAP login should be enough to use SAP programs as well as  crystal reports
  Similarly, if a user is defined in SAP BI,  he will be using same user ID , Pwd to access BO-Web-I reports
  Please suggest me on this.
  Regards,
  Sandeep K

  Hi Sandeep,
         You can import SAP roles and users in to BOE and then enable single sign. There are different options available to achieve this. Please refer to below links. That will give you some idea.
           /people/ingo.hilgefort/blog/2008/09/19/businessobjects-and-sap--configure-sap-authentication
           http://wiki.sdn.sap.com/wiki/display/BOBJ/HowtosetupXI3.1WebIntelligenceSSOwithSAPBW
           http://wiki.sdn.sap.com/wiki/display/BOBJ/HowtoprepareBOEXI3.1environmentforSNCandgeneratePSE
           http://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/9030bb59-079d-2b10-f8b9-967403481481
           http://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/403cdf46-c63e-2b10-2997-978cb8ba59f0
           http://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/3097fb98-c63e-2b10-e7b8-fb7253566373
           Hope this helps.
  Regards,
  Sanjay

• Can CWMS import Local CUCM users without LDAP

  Hello,
  CWMS documentation states that CWMS integrates with LDAP via CUCM LDAP integration. My question is if the CUCM is not AD integrated will the CWMS be able to import local CUCM directory users via AXL?
  Thanks
  Aamir

  Hello Aamir,
  the "Directory Integretion" from CWMS is based on an integretion to the CUCM user data base.
  So have to pull the data from the CUCM.
  Just go to:
  Users --> directory Integration
  Directory integration can be performed in four steps:
  Add CUCM server.
  Synchronize now and set up a synchronization schedule.
  Enable LDAP authentication.
  Notify your users.
  Hope that helps
  Best regards
  Ben

• Integrate obiee with existing app using sigle sign-on

  have an existing application written in perl. Now i need to integrate this application with obiee. The obiee resides on a different server from the running application, and we want a single single-on. Has anyone done this know how hard it is to do this.

  Dear John,
  from my point of view, we have to seperate the problem in two parts:
  1.) The automatic logon to the struts application via SSO.
  2.) The session sharing via some J2EE mechanism.
  For the SSO (1.) You have to logged on to the portal - with a cookie on the clientside. This cookie can be used for SSO by Your Struts application as long as You share the same session (same browserinstance). This is not difficult examples are available.
  The sessionsharing between a J2EE aap - Struts and an iView is an intersting point. I hope I can get some time to try this out. One trick which is not too clever is to store the session data serialized in a database and privide the sessionid in the url which calls the iView or Struts. Sessionsharing between iViews is no problem as long as You use the HTTPSession.
  Walter

• Sigle sign on WebLogic5.1

  Hello,
  I am exploring Single Sign-On feature on WebLogic server 5.1. I am trying to allow
  SSO between two WebLogic servers running on different machines. Any one knows
  Is Sinle sign-on supported by Weblogic5.1.? How can I configure it?
  Regards. Ravindranath

  i don't think so... AS is for pki, authenitcation and encryption.
  OID is included run-time with Oracle BD license... if you are using OID with outside (or Oracle) services like Active Directory, need to have a full license of OID, this can be obtained by licenses App Server Enterprise Edition or one of the identity mgmt licenses includes it

• Jabber 9.2.5 and above forced Certificates

  Hello all,
  As some of you may already know as of Jabber version 9.2.5 the client force’s Certificates. If there is not a Certificate that is signed by a trusted CA, then the self-signed Cert is used.
  There is no way that I have found to get around this unfortunately and the end result is the first time Jabber client is launched on a PC the person must accept in my case 7 certificate warnings (2xUCM,2xCUC,2xIMP,1xCWMS) that the host it’s connecting to is using self-signed Certs.
  You have 3 options to avoid this
  Stay on version 9.2.4 for the rest of your life, or until Cisco makes this an option we can opt out of
  Deploy the 7 self-signed certs out to all the PC’s (not sure why this is even a real option!!!!)
  Lastly you can generate CSR requests from CUCM, CUC, IMP and CWMS servers to be signed by a trusted CA
  I will set the record straight first. I know very little about Cert's except the fact I dont' like working with them.
  Now for my questions: I have 3
  There are dozens of Cert providers out there, how do I find a LIST of CA’s that the application servers above already trust so I can avoid deploying ROOT CA’s as well to my Applications servers and PC's?
  I'm following the guild below, in it there is a section called "What methods are available for certificate validation?
  http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-presence/116917-technote-certificate-00.html
  In this section it describes 
  Here is a possible requirement you might encounter:
  One Certificate Per FQDN: Some public CAs sign only one certificate per fully qualified domain name (FQDN).
  For example, in order to sign the HTTP and XMPP certificates for a single CUCM IM and Presence node, you might need to submit each CSR to different public CAs.
  I really don't understand this? Surely they dont' mean get the cert for HTTP from one CA and the XMPP from another CA??
  Lastly:
  Is there a roadmap to make this Feature and or Annoyance user customizable? I'm happy to stay on 9.2.4 if there is a less costly / annoying version in the works for the near future.
  Appreciate your help and feedback
  Ryan

  Hi,
  We use the Last jabber 9.6 Build. To avoid the cert question we use dring the Installation the following switches, the cert Switch is here the Import Switch..
  msiexec.exe /i CiscoJabberSetup.msi CLEAR=1 AUTHENTICATOR=CUP CUP_ADDRESS=vCUPPUB1.example.com SERVICES_DOMAIN=example.com CERTIFICATE_VALIDATION=DISABLE
  -joerg

• Jabber for Windows Registration Issue

  I have been facing issue with J4W registration and display error "no connection to server". Following is the version detail:-
  Version CUCM and IM&P---> (10.5.2)
  On-Premises login
  During analysis, i found 2 things in logs:-
  1). Unable to download jabber-config.xml file (Download of TFTP File failed for server ) //// all the other xml files are succesfully downloaded which may indicate that there is an absence of jabber-config.xml file.
  2). While signing into presence "OnLoginError: (data=0) LERR_JABBER_UNREACHABLE <16>: "
  [rc\cert\common\BaseCertVerifier.cpp(250)] [csf.cert.] [cert::BaseCertVerifier::checkIdentity] - About to verify the Subject Alt Name.
  [ls\src\cert\common\CertVerifier.cpp(154)] [csf.cert] [cert::CertVerifier::checkIdentifier] - Verifying identity '162.20.10.30'       
  [rc\cert\utils\AltNameParserImpl.cpp(349)] [csf.cert.utils] [cert::AltNameParserImpl::verify] - Looking for match with 162.20.10.30   
  [rc\cert\utils\AltNameParserImpl.cpp(400)] [csf.cert.utils] [cert::AltNameParserImpl::verify] - No Match Found    
  I tried to change the IP address to FQDN under System---> Server, but after that the connection is lost between CUCM and IM&P.
  Attached is the log file and snapshot of IM&P.
  - See more at: https://supportforums.cisco.com/discussion/12490406/jabber-windows-registration-issue#sthash.E2wXb4iJ.dpuf

  Nishant,
  Sorry for the late reply. You may well have resolved this  by now, if you have can I suggest that you update the post with the resolution so others may benefit.
  Looking at the logs, I can see that Jabber is trying to login to the IMP server below, but its returning server unreachable error.
  Signing into Presence Server. Server: 162.20.10.30, login mode: ON_PREM, result: 0
  [IMPStackCap::Login::OnLoginError] - ****************************************************************
  [IMPStackCap::Login::OnLoginError] - OnLoginError: (data=0) LERR_JABBER_UNREACHABLE <16>:
  [IMPStackCap::Login::OnLoginError] - ****************************************************************
  We will need to look at the IMP logs to know what is going on. Let me know if you still need help with this.

• Messages.app no longer connects to Jabber after App Store auto-installed Remote Desktop Update 3.8.2

  Messages.app no longer connects to my company's Jabber server after App Store auto-installed Remote Desktop Update 3.8.2 (even though I never purchased that app). The Remote Desktop app can not be found anywhere on my machines.
  I suspect the Remote Desktop update because Messages stopped connecting on my office MB Air after the update but still worked on my home iMac. Next day the iMac received the update and Messages stopped connecting on that machine too.
  Messages attempts to connect for several minutes (it's been trying for 30 mins as I type this) and just hangs. Occasional I get the following error message:
  Error: Messages lost the connection to the Jabber account 'account'. A network error occurred.
  I've tried:
  - Deleting and recreating the Jabber account in Messages.app
  - Toggling on/off SSL (SSL required by our server)
  - Toggling on/off auto detect server and port (port 5222 on our server)
  - Deleting every plist, cache, etc., I could find in the Library for any IM client I've ever used
  - Checked that Keychain trusts the Jabber server SSL certificate (it is a self signed cert)
  - Tried connecting from three completely different networks including the company VPN
  - Multiple PRAM resets
  - Setup a Google Talk account in Messages - works fine
  I'm at a loss...
  Kurt

  I installed and setup Adium. Adium works but Messages.app still does not connect to Jabber.

• User shows two phones in Jabber

  I have a user that just decided to use Jabber for the first time.  When she signed in I was showing her how it defaults to using the computer for the calls and how we can change it so that it will dial the phone for her.  When I clicked on that icon I noticed she had two phones listed.  One was hers, the others was someone else.  When we put in the system we had the swap some phones around, so figured that was the reason.  She had this persons, and he had her old one.  (We had limited 6 button phones and as a secretary for a department she needed 6 buttons, he didn't).  I saw that in the Callmanager, version 8.6.2.2, the owner User IDs were changed when we swapped the phones.  I went to change them only for it not to take effect.  I tried saving it and appling config nothing has worked.  Not sure if that is causing the issue with Jabber.  But when she clicks on her phone in Jabber it doesn't work, it will only dial from the phone that used to be hers.
  PS: I just noticed that the person who did the initial swap didn't change the Primary Phones over as well.  I did make that change, but didn't resolve the issue.

  Then you can safely erase the old phone.  Also, if you have an iCloud backup of the old phone that you no longer need, you can delete it from your iCloud account to free up the storage that it occupies.  To do this, go to Settings>iCloud>Storage & Backup>Manage Storage on your new phone, tap the name of your old phone under Backups, then tap Delete Backup.  If you go to icloud.com from your computer, open Find My iPhone and still see the old phone listed as "offline", you can hover your mouse over it on the Devices list, then click the "x" to remove it from the list.

• Can  Partner Application  Access to Login Page's  Information ?

  Hi.
  I wanna write a Partner Application to Access User's Information(UserName, subscriberName or Company Name)
  This information represented by user In login Page.
  I am not specialist in Oracle Sigle Sign-On ,for this reason Please Let me have a Sample .
  Thanks.

  Please see the Single Sign-On Application Developer's Guide. If you write a partner application, this information that you mentioned is passed to you in your success URL.

• SAPGui for Windows Multiple Logon with Portal

  Hi,
  We are using SAPGUI for Windows in Portal in the external window, we are also using it the SAPConsole form the desktop. While using from desktop, the multiple logon (within same client) complains / comes with the pop-up with two standard options.
  We would like achieve the same functionality of popup (Restricting multiple logons for the same client) within the portal, any ideas?
  I came across certain threads and also notes but none seem to provide a solution....
  [Restrict multi logon to R/3 system from portal using single sign on.    |Restrict multi logon to  R/3 system from portal using sigle sign on.;
  [SAP GUI 7.10 and SSO - multiple logons issue. How to restrict it?    |/thread/1623980 [original link is broken];
  Note 142724 - Prevention of multiple SAPGUI logons
  Thank you in advance.
  Best regards,
  Dharmi
  Edited by: Dharmi Tanna on Jun 25, 2010 2:09 PM

  Lonny,
  The best way to authenticate users when they logon using SAP GUI for Windows, is to use SNC authentication in SAP GUi. Then, the browser iview will launch the GUI and the GUI will authenticate the user using their AD credentials issued during the Windows logon. You will need to setup an SNC library on both the ABAP system which the user is logged onto, and the workstation where SAP GUI is installed.
  If you don't use SNC, and you just launch SAP GUI for Windows from browser, then an SSO2 ticket is used to authenticate the user to the ABAP stack, and this is not secure due to the fact that the SAP GUI session which is used to pass the SSO2 ticket is not protected - anybody can intercept the SAP GUI session, take the SSO2 ticket from this traffic and logon as that user - clearly this is bad security and needs SNC to make it secure.
  Thanks,
  Tim

• Third party Logon ticket system - Info Required

  Hello
       We have to integrate existing Broadvision portal to Enterprise portals. We are in the mood of moving to third party logon ticket system. Can anyone suggest which is the best one?.  The user has to login to Broadvision portal first and then by using sigle sign-on to EP next. Can anyone suggest what are the possibilities are there to implement SSO amoung the above hetrogenous portal?

  For time management with the help of transaction pt80 you can download the information about employees with the help of idoc. And there are some programs a.k.a connectors that link access control systems and SAP so that you do not hire the same employee in the access control problem. You hire the employee in SAP and SAP sends the information (HR Minimaster DATA) to the related program.
  It is also do the same thing for the employees who resign. I mean if an employee is fired or resigned from the company than it is sent to the related system.
  These can be found under PDC integrated systems. You can find information about the systems from Ecohub. http://ecohub.sap.com/
  I hope this answer will help.

• How customize the Login Screen

  I have put a login portlet on my portal homepage and set it as the default homepage. but when i try to get on it by URL, it always bring me to sigle sign on page to login.
  can anybody tell me how to set this homepage to be login screen?
  thanks a lot!!

  Hi,
  Make this page the default home page for the public user. This way this page will be the first page before login.
  Thanks,
  Sharmila

• Sso configeration

  hi
  i have installed oracle application server r 2 on windows 2003 server,Reports are working when i run on local area network(lan) Or
  Reports are working fine when i disable the secuirty in the .conf file in the reports / conf directory. but when i connect through internet ,reports are unable to run due to sigle sign on page because it makes url with localhost which is not recognized on internet,
  What are the step by step method to configure Reports with SSO? I would appreciate if you provide some information or any proper documents regarding this.
  Thanks,
  imtiaz

  Erik,
  We are also trying to accomplish SSO towards Domino. I saw that your inquiry dated back to January. Did you find a good answer to your question? Can you point me to any good documentation/examples?
  Any help would be greatly appreciated.
  Virginie

• Implementing authentication using a token (by Vander)

  Someone know how can I implement a Authentication in sigle-sign-on using a driver token??
  thanks for some help

  Bob,
  I believe the simplest way is to use the Page Sentry Function within the APEX built-in authentication scheme. Here, execute a function that queries your table of users using the certificate id. The function should return a boolean value. Save and use this authentication scheme on every page in your app that requires authentication. When the function returns true the user is permitted to view the page. When the function returns false the user is redirected to the Session Not Valid URL or page.
  It's fairly simple and well documented in the user guide and tutorials.
  Mark