Pass Through Auth Not Using Novell eDirectory Over RDP - Virtual Desktop

Hi,
I have installed and configured SGD and the Virtual Desktop Adapter to a Virtual Center server. So far that whole side of things is working great. Machines are cloned, prepped and connected to by users through the My Desktop link in SGD. Now that I am attempting to perfect the master template I have encountered some issues. The network here is Novell eDirectory and at the moment when the desktop is launched the username and password used to authenticate to the SGD webtop are passed through to the Virtual Machine, but it seems that they are passed through to the Windows Authentication System/GINA even though the Novell client is in place.
The virtual machines are Windows XP and by default none of the user accounts exist locally, so of course the login fails. This drops the user back to the login box where it can be seen that the Workstation Only tick box is checked. Settings in the Novell client to always default to eDirectory authentication, forget last setting used etc has all been set properly. Even when hiding the Workstation Only tickbox the username and password are passed to local system authentication still.
I need to get the username and password sent to the Novell eDirectory authentication system/GINA in order for Zenworks to create the user on the local system. When dropping back to the login box and manually unticking the Workstation Only box login proceeds normally. Drives are mapped and the local user account is created by the Zenworks agent.
Is SGD specifically targeting an authentication subsystem within the virtual machine, regardless of your installed authentication handler/GINA preference order? Can I get SGD to pass the details to the Novell client? Barring that is there some way I can prevent SGD passing the details? I tried turning off some of the authentication details caching etc but some of that is needed to rename the virtual machines after the user connecting. For the time being having users authenticate twice would be acceptable, having them login in, then get an error message, then manually unticking Workstation Only then relogging in is not acceptable.
I have been searching these forums, Novell forums, Terminal Server forums for answers but so far nothing has been of any help. Please note that the login box is not the cut down/windows only login box that users are seen when they connect over RDP to a machine that already has a user logged in locally. There is no user logged in locally and the full login box is presented once the login failed message is cleared.
Any help, or even a nudge in the right direction would be great.
Thanks
Russ

Hi,
Thanks for taking the time to respond. I tried the full context user name path as well, but its defiantly just being passed to a different GINA. The only credentials that determine if you have RDP access to a server is the local machines credentials, so Microsoft have the service pass authentication straight to the Microsoft GINA non-interactively instead of honouring the installed GINA's. So it will fail no matter what I put in since the account doesn't exist locally yet. People have implemented solutions that depend on Active Directory domains, but that's what I am trying to avoid.
In that situation the AD Domain would allow access to the local machine based on Windows permissions, and a registry setting TSAutoLogin or something would trigger the Novell log in in parallel to map the Netware shared volumes. With no domain you can't get the initial log in triggered for the Novell client to kick in.
Connecting to the virtual machine using an RDP client without pre-entering authentication information does show the Novell Login (NWGINA) with all the right settings in place, so I have modified the expect (login) script for SGD not to automatically pass log in information through with the RDP connection it makes. The result is a clean Novell login box without any errors that a user can just enter their details into a second time.
Russ

Similar Messages

A year ago I brought a 1 TB hard drive (My Passport), I have not used it for over 4 months and now when I use the USB cord to connect it to my mac, it does not register the hard drive. Does anyone know why this is happening?

A year ago I brought a 1 TB hard drive (My Passport), I have not used it for over 4 months and now when I use the USB cord to connect it to my mac, it does not register the hard drive. Does anyone know why this is happening?

The beeps could be caused by something as simple as a loose internal wire or connection. If it is under warranty (not sure how long that is, as WD drives range from 1 to 5 years depending on the model's series - I think "my passport" drives are 3 years) you could contact WD and ask them about it.
If it is out of warranty, you could also try opening the case and check the connections - the drive may be fine, and there have been posts on TomsHardware forums of people getting the beeps, opening up the case and the drive is fine, just some wire worked loose.

Is there a way to send a large video file through email, not using websites?

Hey guys,
Just wondering if there is an easy way to send a large video file through email, not using websites such as yousendit.com.
If anyone knows please respond, would be greatly appreciated! Thank you

No there isn't. Most all Email providers, whether your ISP or some other provider like Google, Yahoo, Microsoft with their Outlook.com or Office365 and Apple's own iCloud system, have a linit on the max size a email can be. Most are around 10MBs some slightly larger but if the vieo you want to send to someone it larger than that you will have to upload it to a website and then have the people you want to view it download it from that website.

How to run Windows 7 over a virtual desktop in a Blackberry Smartphone?

Hi,
Thank you for posting your question in Microsoft Community. I understand that you want to know whether you can run Windows 7 over a virtual desktop in a Blackberry Smartphone.
The issue you posted would be better suited in Blackberry Support Community Forums.
I would suggest you to post your question in the below link:

Hi and Welcome to the Community...and apologies for the delay!
Hopefully you already have this resolved, but just in case...
Do I understand that you wish to, on a BB itself, run a virtual Windows 7 environment? Or do you instead desire to activate a remote control session over a Windows 7 computer from your BB device?
Please clarify (though I don't think either are actually possible...).
Good luck!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code

Static NAT pass-through; can not get to work

I am not having any luck getting a static NAT pass-through to work.
BM3.8/NW6.5 all patched to the latest patches (no betas). IPFLT is NOT
loaded.
My internal network on one LAN all have 10.100.xxx.xxx private addresses.
Dynamic NAT works great.
I have secondary public IP addresses bound to my public NIC. Static NAT
mapping between the secondary public IP addresses and the couple of
individual private addresses work just fine. In other words, all has been
working fine.
I need to give one of those internal resources its public IP address
(change it's private to its public).
OK, I went into the NAT table and changed the proper public <-> private to
public <-> public (identical addresses). I changed the internal computer
to it's public address/mask with the same default gateway the server is
using. The internal computer can now only ping itself; can't even ping
it's default gateway. I did reinitialize, and also restarted. I can not
get the pass-through connection to work.
Any thoughts will be well received.
Bob

Robert,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://support.novell.com/forums)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/

SharePoint 2010 with LDAP authentication, using NOVELL eDirectory

One of my customers needs a SharePoint application that allows people to authenticate with either an Active Directory account (internal staff) or a Novell eDirectory account (external customers).
Using the following article as a base guide (http://blogs.technet.com/b/speschka/archive/2009/11/05/configuring-forms-based-authentication-in-sharepoint-2010.aspx)
I configured a claims-based test application that had Windows authentication enabled and Forms based authentication (FBA) enabled (this is on a Windows 2008 server and not a domain controller)
In the Membership provider name text box I entered "LdapMember"
In the Role provider name text box I entered "LdapRole"
In the web.config for the SharePoint Central Admin, I modified/added the following details right before </system.web>
<membership>
<providers>
<add name="LdapMember"
type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
userDNAttribute="dn"
userNameAttribute="cn"
userContainer="OU=people,O=validobject"
userObjectClass="person"
userFilter="(ObjectClass=person)"
scope="Subtree"
otherRequiredUserAttributes="sn,givenname,cn" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" >
<providers>
<add name="LdapRole"
type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
groupContainer="OU=people,O=validobject"
groupNameAttribute="cn"
groupNameAlternateSearchAttribute="samAccountName"
groupMemberAttribute="member"
userNameAttribute="sAMAccountName"
dnAttribute="distinguishedName"
groupFilter="((ObjectClass=group)"
userFilter="((ObjectClass=person)"
scope="Subtree" />
</providers>
</roleManager>
I modified the SecurityTokenServiceApplication web.config with these details
<system.web>
<membership>
<providers>
<add name="LdapMemebr"
type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
userDNAttribute="dn"
userNameAttribute="cn"
userContainer="OU=people,O=validobject"
userObjectClass="person"
userFilter="(ObjectClass=person)"
scope="Subtree"
otherRequiredUserAttributes="sn,givenname,cn" />
</providers>
</membership>
<roleManager enabled="true">
<providers>
<add name="LdapRole"
type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
groupContainer="OU=people,O=validobject"
groupNameAttribute="cn"
groupNameAlternateSearchAttribute="samAccountName"
groupMemberAttribute="member"
userNameAttribute="sAMAccountName"
dnAttribute="distinguishedName"
groupFilter="(&(ObjectClass=group))"
userFilter="(&(ObjectClass=person))"
scope="Subtree" />
</providers>
</roleManager>
</system.web>
I modified the web.config of the test application I created with these details
<roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
<providers>
<add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
<add name="LdapRole" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
groupContainer="OU=people,O=validobject"
groupNameAttribute="cn"
groupNameAlternateSearchAttribute="samAccountName"
groupMemberAttribute="member"
userNameAttribute="cn"
dnAttribute="dn"
groupFilter="(&(ObjectClass=group))"
userFilter="(&(ObjectClass=person))"
scope="Subtree" />
</providers>
</roleManager>
<membership defaultProvider="i">
<providers>
<add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
<add name="LdapMember" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword= "validpassword"
useDNAttribute="true"
userDNAttribute="dn"
userNameAttribute="cn"
userContainer="OU=people,O=validobject"
userObjectClass="person"
userFilter="(ObjectClass=person)"
scope="Subtree"
otherRequiredUserAttributes="sn,givenname,cn" />
</providers>
</membership>
With all of this configured, I can go to the new test site, I do see the form where I can choose either Windows authentication or Forms authentication. I can successfully login with Windows authentication, but forms authentication gives me me an error.
The server could not sign you in. Make sure your user name and password are correct, and then try again.
I can successfully login to a LDAP management tool, using the same credentials I entered on the form, so I know the username and password being submitted are correct. I get the following items in the event viewer
8306 - SharePoint Foundation - The security token username and password could not be validated.
in the SharePoint trace logs - Password check on 'testuser' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated. and
then this:
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
I monitored the LDAP server and did a packet-trace on the communication happening between the SharePoint server and the LDAP server and it is a bit odd. It goes like this:
The SharePoint server successfully connects to the LDAP server, binding the ldapserviceid+password
The LDAP server tells the SharePoint server it is ready to communicate
the SharePoint server sends an LDAP query to the LDAP server, asking if the name entered in the form authentication page can be found.
The LDAP server does the query, successfully finds the entered name and sends a success message back to SharePoint
The LDAP server sends notification that it is done and is closing the connection that was bound to theldapserviceid+password
The SharePoint server acknowledges the connection is closing
... and then nothing happens, except the error on SharePoint
What I understand is that the SharePoint server, once it gets confirmation that the submitted username exists in LDAP, should attempt to make a new LDAP connection, bound to the username and password submitted in the form (rather than the LDAP service account
specified in the web.config). That part does not seem to be happening.
I am at a standstill on this and any help would be greatly appreciated.

OK, our problem was resolved by removing any information about the ASP.NET role manager. Initially, we had information about a role manager defined in three different web.config files, as well as in the SharePoint Central Administration site, where there
is the checkbox to Enable Forms Based Authentication (you see this when you first create the new SharePoint app, or afterwards by modifying the Authentication Provider for the app.) In either case, you will see two text boxes, underneath the checkbox item
for enabling Forms Based Authentication:
"ASP.NET Membership provider name"
"ASP.NET Role manager name"
We entered a name for Membership provider, and left Role manager blank.
In the web.config for the SharePoint Central Administration site, the SecurityTokenServiceApplication app, and the web app we created with FBA enabled, we entered the following:
<membership>
<providers>
<add name="LdapMember"
type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="ldap.server.address"
port="389"
useSSL="false"
connectionUsername="cn=ldapserviceid,ou=sharepoint,ou=test,ou=location,o=validobject"
connectionPassword="validpassword"
useDNAttribute="false"
userDNAttribute="dn"
userNameAttribute="cn"
userContainer="OU=people,O=validobject"
userObjectClass="person"
userFilter="(ObjectClass=person)"
scope="Subtree"
otherRequiredUserAttributes="sn,givenname,cn" />
</providers>
</membership>
<roleManager>
<providers>
</providers>
</roleManager>
useDNAttribute="false" turned out to be important as well.
So, for us to get LDAP authentication working between SharePoint 2010 and Novel eDirectory, we had to:
leave anything related to the role provider blank
configure the web.config in three different applications, with the proper connection information to reach our Novel eDir
Ensure that useDNAttribute="false" was used in all three on the modified web.config files.
Since our eDir is flat and used pretty much exclusively for external users, we had never done any sort of advanced role management configuration in eDir. So, by having role manager details in the web.config files, SharePoint was waiting for information from
a non-existent role manager.

How to mark PCI devices for pass through in host using Powercli?

PCi devices in host can be retrieved using Get-VMHost command . How do i mark the device for pass through in host?
Please help on how this can be done. Thanks in advance.

Hi,
I don't think supressing through Global Personalization will change the business logic. Within the Business Logic it checks for the mandatory field.
After the changes I guess you need to make the changes accordingly.
The below link might be of some help.
http://wiki.sdn.sap.com/wiki/pages/viewpage.action?spaceKey=profile&title=ESSPersonalInformationUIenhancementwithoutmodification&decorator=printable
Please correct if I am wrong.
Cheers-
Pramod

Web Pass-Through Does Not Redirect

We have an issue in which when a client connects to the guest/pass-through WLAN, it does not automatically redirect to the "accept" page. Instead, it only works if you manually input an IP address into the web browser which will then bring up the "accept" page... then users can go ahead and surf the web. Does the controller forward DNS traffic in advance of a user clicking "accept"?

I think I found part of the problem.
We have two internal DNS servers and only one had "recursion" enabled. Even though both were in DHCP, it appears that the WLC was only allowing requests to one DNS server. (The one with recursion disabled.) For example: when connected to the guest WLAN, I was unable to run "nslookup" and resolve on both DNS servers. Only one server would respond... yet, as soon as an HTTP request is hijacked and I click the "accept" button, it allows me to run an "nslookup" against both DNS servers. I'm wondering if, for security purposes, if the controllers only allow DNS resolution requests to one IP initially until the "accept" button is clicked.

Mail Through Lotus Notes using D2k

Hi
I want to use OLE2 for mailing utility through application. for the validation purpose i want to trace password for current session of Lotus notes, Is it possible to get password of lotus notes since it is third party software.
Thanks in advance
Vishal

How do you get the lotus notes password for any other appln other than forms
For eg if you want to take the notes password for a java appln how do you do that?

I' d like to send files through webservice not using XI

i am trying p2p connection with Webservice.
sending message success but files not.
is any way to send files? someone tell that SOAP attach maybe help me.
but i don't know how to do.
please let me know how to use SOAP attach in SAP.
all your comments make me solve my problem.
thanks.

InDesign CS4 can open .indd, .indt and .inx files from earlier versions, but not from later. It should, however, be able to open .idml files saved or exported from newer versions, with the understanding that unsupported features will be lost, text will probably reflow due to differences in texts engines between versions, and that the greater the gap between versions the more likely there are to be noticeable differences from the original. You will need to be sure CS4 is at version 7.0.6 to read the .idml.

Is there a way to pass through a login using Edge Inspect?

This basicly falls under anything that would require a un/pw to access. Is there a workaround?

Check out #6 in this document: http://forums.adobe.com/docs/DOC-2493
"HTTP Authentication support — Browse to URLs that require HTTP authentication, and see the login/password form on Edge Inspect devices. If your URL contains the login id/password, Edge Inspect devices will authenticate without the form. (e.g., using a URL like: http://login:[email protected])"
Hope this helps,
Mark

Logical partitioning, pass-through layer, query pruning

Hi,
I am dealing with performance guidelines for BW and encountered few interesting topics, which however I do not fully undestand.
1. Mainetance of logical partitioning.
Let's assume logical partitioning is performed on year. Does it mean that every year or so it is necessary to create additional cube/transformation and modify multiprovider? Is there any automatic procedure by SAP that supports creation of new objects, or it is fully manual?
2.Pass- though layer.
There are very few information about this basic concept. Anyway:
- is pass through DSO write optimized one? Does it store only one loading - last one? Is it deleted after lading is sucessfully finished (or before new load starts)? And - does this deletion do not destroy delta mechanism? Is the DSO replacing PSAfunctionally (i.e. PSA can be deleted every load as well)?
3. Query pruning
Does this happen automatically on DB level, or additional developments with exits variables, steering tables and FMs is required?
4. DSOs for master data loads
What is the benefit of using full MD extraction and DSO delta insetad of MD delta extraction?
Thanks,
Marcin

1. Mainetance of logical partitioning.
Let's assume logical partitioning is performed on year. Does it mean that every year or so it is necessary to create additional cube/transformation and modify multiprovider? Is there any automatic procedure by SAP that supports creation of new objects, or it is fully manual?
Logical partitioning is when you have separate ODS / Cubes for separate Years etc ....
There is no automated way - however if you want to you can physically partition the cubes using time periods and extend them regularly using the repartitioning options provided.
2.Pass- though layer.
There are very few information about this basic concept. Anyway:
- is pass through DSO write optimized one? Does it store only one loading - last one? Is it deleted after lading is sucessfully finished (or before new load starts)? And - does this deletion do not destroy delta mechanism? Is the DSO replacing PSAfunctionally (i.e. PSA can be deleted every load as well)?
Usually a pass through layer is used to
1. Ensure data consistency
2. Possibly use Deltas
3. Additional transformations
In a write optimized DSo - the request ID is key and hence delta is based on request ID. If you do not have any additional transformations - then a Write optimized DSO is essentially like your PSA.
3. Query pruning
Does this happen automatically on DB level, or additional developments with exits variables, steering tables and FMs is required?
The query pruning - depends on the run based and cost based optimizers within the DB and not much control over how well you can influence the execution of a query other than havin up to date statistics , building aggregates etc etc.
4. DSOs for master data loads
What is the benefit of using full MD extraction and DSO delta insetad of MD delta extraction?
It depends more on the data volumes and also the number of transformation required...
If you have multiple levels of transformations - use a DSO or if you have very high data volumes and want to identify changed records - then use a DSO.

Novell eDirectory load balancing

Dear community,
we use Novell eDirectory (LDAP) to verify our users in the portal.
We are Running SSL over port 636.
New situation is that the LDAP collegues implemented load balancing .
The problem now is that the certificate from the maschine responsible for the load balancing not contain any servername in the CN compaired to the (OLD) direct access to LDAP where the certificate contained a name CN=severname.domain.
The new certificate only contains an O=name and
OU= Organizational CA.
For the definitions in the UME a servername is needed in the certificate . Otherwise the connection check returns an error.

Answer to my question: http://ieoc.com/forums/p/26385/218976.aspx#218976

Issue during integrating OIM 9.1 with novell edirectory 8.8

Hi,
We are trying to integrate OIM 9.1 with Novell edirectory 8.8 using novell edirectory 9.0.4.2 connector.
while privisioning i m facing the following issue
DOBJ.THROWABLE_IN_SAVE Unhandled throwable java.lang.NoClassDefFoundError in com.thortech.xl.dataobj.tcScheduleItem's save.
User is getting created OID but not provisioned to edirectory.
Thanks in Advance
Manju

Hi,
Thanks for responding.
I am trying to provision users to novell edirectory.
I create user in Oracle Idenity Manager 9.1 then select the Resource profile and provision new resource(to edirectory 8.8).
During the last step of provisioning when i click continue button Oracle Idenity Manager is throwing the below error in the next screen with message "Provisioning is been initiated". But user is not created in the edirectory.
DOBJ.THROWABLE_IN_SAVE Unhandled throwable java.lang.NoClassDefFoundError in com.thortech.xl.dataobj.tcScheduleItem's save.
In the open tasks, System Validation task is created with the status Pending.
Please help me to rectify this issue.
Also let me know whether anyone has tried to integrate Oracle Idenity Manger 9.1 with edirectory 8.8 using Novell edirectory 9.0.4.2 connector.
Thanks

Siebel SSO Integration with Novell eDirectory

I am wondering if anyone on this forum has worked with integrating a SSO solution using Novell eDirectory and Siebel. I have personally worked on SSO integrations with Siebel using Cleartrust and Siteminder and they are all basically the same concept however, I am facing issues trying to get the Novell SSO solution to work with Siebel.
I am using the standard LDAP Security adapter and I can make a basic connection into Siebel using LDAP. When implementing SSO I am using a "header" value and a custom userspec name that is different then then "Remote_Use" name mentioned in the Siebel SSO documentation. With SSO turned on I am successfully able to authenticate and almost get all the way into the home page of Siebel before the IE browser crashes. The SWSE log files, interestingly enough, show that my userspecsource is equal to header and that my userspec is correct and then I see the SISNAPI connection occurring between the Siebel We Server and the Siebel AOM but then after the IE browser crashes I see the SWSE log which then tries to picks up Siebel's default userspec " Remote_User" value which is not confiugred or turned on anywhere from within the application. I was just wondering if anyone else had faced similar issues when integrating Siebel into Novell eDirectory for SSO. I have also reviewed the configuration on Novell's side and they are protecting the correct object manager and are also using the same exact userspec name as what we have defined within the eapps.cfg of Siebel. We are using Siebel 8.1.1 Any ideas or help would be greatly appreciated as I have not gotten much support from my open SR on this issue.

I am wondering if anyone on this forum has worked with integrating a SSO solution using Novell eDirectory and Siebel. I have personally worked on SSO integrations with Siebel using Cleartrust and Siteminder and they are all basically the same concept however, I am facing issues trying to get the Novell SSO solution to work with Siebel.
I am using the standard LDAP Security adapter and I can make a basic connection into Siebel using LDAP. When implementing SSO I am using a "header" value and a custom userspec name that is different then then "Remote_Use" name mentioned in the Siebel SSO documentation. With SSO turned on I am successfully able to authenticate and almost get all the way into the home page of Siebel before the IE browser crashes. The SWSE log files, interestingly enough, show that my userspecsource is equal to header and that my userspec is correct and then I see the SISNAPI connection occurring between the Siebel We Server and the Siebel AOM but then after the IE browser crashes I see the SWSE log which then tries to picks up Siebel's default userspec " Remote_User" value which is not confiugred or turned on anywhere from within the application. I was just wondering if anyone else had faced similar issues when integrating Siebel into Novell eDirectory for SSO. I have also reviewed the configuration on Novell's side and they are protecting the correct object manager and are also using the same exact userspec name as what we have defined within the eapps.cfg of Siebel. We are using Siebel 8.1.1 Any ideas or help would be greatly appreciated as I have not gotten much support from my open SR on this issue.

Pass Through Auth Not Using Novell eDirectory Over RDP - Virtual Desktop

Similar Messages

Maybe you are looking for