Recent Single sign on document posted

Similar Messages

• I have an iMac and have been using Adobe reader successfully for sometime. Recently, however, whenever I go to sign a document on Adobe reader The document closes unexpectedly with an error statement. I have already uninstalled and reinstalled Adobe reade

  I have an iMac and have been using Adobe reader successfully for sometime. Recently, however, whenever I go to sign a document on Adobe reader The document closes unexpectedly with an error statement. I have already uninstalled and reinstalled Adobe reader with no improvement. What do I do next?

  Please post the full error message, plus OS and Reader versions.

• How do i create a single sign on environment from scratch?

  setting up a single mac mini 10.6.6 server in a small law firm and want to create a sso environment from scratch. i have currently got everything working fine as an open directory master, but every reference to sso that i can find, talks about joining an existing sso environment, or joining ad, creating a triangle, but never a stand alone od master to create the sso. am i missing something, or is it not possible or practical to do in such a small office with just a few users?
  thanks for any help understanding this.

  i appreciate your input Rikakiah, although i am glad i don't have to pronounce your alias out loud
  anyway, that's starting to sound like something i might want to try, because so much of what i want to do is not really working the way i'm doing it. it had crossed my mind, but wasn't sure i was going to avoid problems by using network home folders instead of mobile accounts. at this point, i have only one of the four workstations bound to the server, which was purchased as a mac mini snow leopard server with the dual internal drives, and was set up as a mirrored raid with the 2 internal 500 gig drives.
  i am seeing what seems to me like some odd behavior with network accounts working with the log in screen (all the users show up in the log in screen properly as network accounts, but only one account, the one that matches exactly the local account user name and password and allows log in) and auto mounting group shares are not seeming to work at all. what seems odd, is that management of the local account seems to be working great, and has merged management with the local account. the user still has all their existing documents and settings, but i can see that the things like the control panels i locked them out of are grayed out. so to be try to be clear here, i have 4 network accounts set up in wgm, and on the log in screen, i see 3 network accounts with the typical network user icon, and what looks like the original account with the original icon. i can only log in using that account, but when i get in there, it's managed ok. i expected to see the original local account and 4 network accounts, but evidently using the same user name on the server as the local account caused this. when i try to log in with one of the other network accounts, the login screen shakes it head no.
  for the record, from another post talking about network log in issues, on the local system, setting System Preferences>Accounts>Login Options>Allow network users to log in at login window>Options>Only these network users: can mess this up, but my settings there are fine, since i had never messed with that. it says "allow all network users" or something like that.
  here's what i am trying to get to: auto mounting group shares and single sign on for afp group folders and ichat, and as you said to allow the users to move around from workstation to workstation as needed. as you know, there's a myriad of settings to make this all happen. i don't see how anyone can help me fix the 2 things that aren't working, unless i give a long winded explanation of what my settings in workgroup manager and server admin are, so here goes…
  i have dns and open directory running fine, a static map of ip addresses so that i can do authenticated directory binding, which seems great so far. in wgm, i have under preferences / computer list the one computer i have bound - computername$ and under window checked always, heading - directory status, list of users, show local users, network users, computer administrators, and other. under options checked always, enable fast user switching, computer administrators may refresh or disable management, and start screen saver after 5 minutes. under access checked always, clicked the gear button once which caused network users - allow - * to appear in the access control list, local only users may log in, local only users use available workgroup settings, and combine available workgroup settings. scripts and items have never checked.
  then for workgroup folders to auto mount, i have set afp auto mounts for each of my 2 groups, partner admin and support staff in server admin / afp. under accounts / groups / support staff / group folder, the support staff auto mount is selected, and the user i am working with is obviously a member of that group under the members tab. finally, under preferences / groups / support staff / items, always and add group is checked and the support staff volume shows up in the list. authenticate selected share point with user's login name and password is grayed out and not checked, and merge with user's items is grayed out and checked. i'm not sure what i am missing to get auto mounting group folders here. btw, the user can for sure log into the group folder with the same user name password that she logs into the workstation with, if she does so manually under the go / connect to server menu.
  oh, and ichat seems to work as expected. she gets sso there! sweet!
  if i do end up trying to go for network home folders, (i would like to see auto mounting group folders working first, before i try) i found something that looks like a no-brainer to add to the mix…
  http://tools.mconserv.net/NHR.html
  thanks everyone for your interest in helping me deploy this server.

• BPEL 10.1.3.1 Developer Preview - BPEL Console Single Sign On

  Can't seem to get into the console. Informs me that it is single sign on but I can't manage to get in with my windows creds. Tried the installation creds as well with no luck. I like the 2 hour lockout (noted sarcasm) but can restart BPEL PM to circumvent that.
  Also, couldn't specify my local database during the installation as it complained it wasn't there (I could connect with other clients).

  Hi..,
  Would you be able to get the BPEL Login Screen with the 'default' domain in it ..?
  Are you be able to get this log in screen...?
  http://<yourserver.domain.com>:<BPEL port that shown while installation>/BPELConsole
  or Read carefully the BPEL Installation Document. Make sure You have done all the Pre Installtion and Post Installation steps while installing the BPEL..
  Thanks n Good luck...,
  Prasant

• Setting up BusinessObjects Enterprise 3.1 for Single Sign On with Xcelsius

  Hi all
  Does anyone have any documentation and/or whitepapers that documents the setting up BusinessObjects Enterprise 3.1 for Single Sign On with Xcelsius Dashboards (xcelsius accessing BusinessObjects universe data through QAAWS and Live Office..
  Thank you for your help.
  Kind regards,
  Dean

  Based on the replies in this thread I'm guessing that there is someone out there that has gotten SSO to work with Xcelsius? If so could you please post the details of how that was achieved?
  When we purchased Xcelsius we were under the impression that it supported SSO but have never been able to get it to work and finally had SAP tell us that Xcelsius did not support SSO.
  Our understanding is that in order to bypass a login for Xcelsius you have to use QaaWS as the datasource and hardcode an enterprise id and password.
  LiveOffice supports SSO but not when it's used as a datasource within Xcelsius.

• Transparent single sign on domain logon / wireless

  Hello,
  I recently found out about the "single sign on" option in combination with "perform immediatly before user logon" which allows a user to enter wifi credentials and so be able to log on to a domain computer without cached credentials.
  It seems like the windows logon screen always shows four input boxes: two for domain credentials and two for wireless credentials.
  I would like to get rid of the double credential boxes in the logon screen and make the logon process transparent to users. Their domain and wireless credentials are the same so they have to enter the same information twice.
  Is this possible or am I doing something wrong?

  Hi,
  Thank you for the update, if no further help needed, please mark the proper post as an answer, this may help the others who might encounter the same issue reading this thread.
  And if any futher questions, welcome to post in Technet forum.
  Best regards
  Michael Shao
  TechNet Community Support

• Signed DocuSign documents are not updating in Microsoft Dynamics CRM record

  My organization uses DocuSign with our Microsoft Dynamics CRM Online instance.
  When we first applied the DocuSign solution, we could send documents using the Send with Docusign feature and a signed version would be automatically up[dated in the same CRM record when the process was complete.
  Recently, the signed copies are not updating in the CRM.

  We don't know. Better to ask over here.
  https://community.dynamics.com/crm/f/117.aspx
  Regards, Dave Patrick ....
  Microsoft Certified Professional
  Microsoft MVP [Windows]
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

• Avoid Save As dialog when Signing a document in Acrobat?

  I'm working on a web application that allows users to download a PDF, sign it, and then upload it back to the server. I'm trying to minimize the number of steps required of the user, so I would like to by-pass the Save As dialog that is presented when a user signs a document in Acrobat.  Is there a way to do this?
  Basically, I would like the signed document to be saved *automatically* in one of the following ways:
  1. Automatically overwrite the original document
  2. Save to the same location as the original document, but with a different name (e.g., [original_name]_Signed.pdf)
  3. Save to a subdirectory of the original document's location (e.g., in a "Signed" folder)
  Is this possible using JavaScript or a custom plug-in? Or in a simpler way?

  Okay, let's say I chose to do an HTTP POST of the signed PDF content from the Acrobat browser plug-in to the server -- how would I accomplish that?  Would it require JavaScript in the PDF to make it happen?  Or is there a way to instruct the Acrobat browser plug-in to do it without any custom coding?
  Thanks for your replies, Irosenth.

• OBIEE 11G with Single Sign-On and Active Directory

  Hi guys,
  Release Version: Oracle Business Intelligence 11.1.1.5.0
  Patch applied: 11.1.1.5.0 BP3 (Patch 13832750)
  OBIEE Server operating system: Windows Server 2008 SP2 (32-bits Operating System).
  We are trying to configure Single Sign-On according to TechNote_WNA_SSO_AD_V4.0.doc.
  Our krb5login.conf:
  com.sun.security.jgss.krb5.initiate {
  com.sun.security.auth.module.Krb5LoginModule required
  principal="[email protected]"
  keyTab=cgdkobi2.keytab
  useKeyTab=true
  storeKey=true
  debug=true
  com.sun.security.jgss.krb5.accept {
  com.sun.security.auth.module.Krb5LoginModule required
  principal="[email protected]"
  keyTab=cgdkobi2.keytab
  useKeyTab=true
  storeKey=true
  debug=true
  We generate de keytab file:
  C:\OracleBI11g\user_projects\domains\bifoundation_domain>C:\OracleBI11g\jrockit_160_24_D1.1.24\bin\ktab.exe -k cgdkobi2.keytab -a [email protected]
  Password for [email protected]:XXXXXXX
  Done!
  Service key for [email protected] is saved in cgdkobi2.keytab
  C:\OracleBI11g\user_projects\domains\bifoundation_domain>C:\OracleBI11g\jrockit_160_24_D1.1.2-4\bin\kinit -k -t cgdkobi2.keytab cgdkobi2
  New ticket is stored in cache file C:\Users\cgdkobi2\krb5cc_cgdkobi2
  C:\OracleBI11g\user_projects\domains\bifoundation_domain>C:\OracleBI11g\jrockit_160_24_D1.1.2-4\bin\klist -k -t cgdkobi2.keytab
  Key tab: cgdkobi2.keytab, 1 entry found.
  [1] Service principal: [email protected]
  KVNO: 1
  Time stamp: Mar 15, 2013 10:34
  C:\OracleBI11g\user_projects\domains\bifoundation_domain>klist
  Current LogonId is 0:0x406163f5
  Cached Tickets: (0)
  We re-start the services and logon into analytics web and SSO doesn't work but there's not an error. It runs successfully with and Active Directoy user and password. Seems like SSO wasn't enabled, but I checked is enabled.
  Any suggestion?
  Thanks in advanced

  Follow the posts : OBI 11.1.1.6.SSO and You are not currently signed in to Oracle BI Server" for OBIEE 11.1.1.6 SSO do the troubleshooting mentioned there.
  Also check your logs for error like the one below:
  [2012-03-09T16:42:36.000-05:00] [OBIPS] [NOTIFICATION:1] [] [saw.securitysubsystem.checkauthentication.runimpl] [ecid: 6c98b5cce1f24814:2a613331:135f95fbdff:-8000-0000000000005b7a,0:1:1] [tid: 5932] Authentication Failure.
  Odbc driver returned an error (SQLDriverConnectW).
  State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
  [nQSError: 43113] Message returned from OBIS.
  [nQSError: 13039] The impersonator does not exist in the BI Security Service. (08004)[[
  If you are getting this when you login to OBIEE :      You are not currently signed in to Oracle BI Server"
  then you need to apply this patch : 13553428 QA:BLK:DELIVER TO CORP. OID LDAP USERS FAILED WITH IMPERSONATOR DOES'NT EXIST. 11.1.1.6.0 Generic Platform (American English) General Oracle BI Suite EE Apr 5, 2012 799.4 KB
  Let us know the updates. Hope this helps. Mark if it does.!
  Thanks,
  SVS

• Oracle Single Sign on and Oracle Internet Directory

  Hello Gurus,
  What is the relationship between Oracle Single Sign on and Oracle Internet Directory.
  To my understanding, OID is required to install SSO.
  If OID already exist, can we just install SSO and go on integrating it to existing OID.
  Great Thanks,
  vimal jain.
  [email protected]

  Hi Tim,
  I've been working on this and could reproduce the issue with anonymous binds. A fix will be ready in 4.2.1.
  So what I really need is the password used for login to pass to the is_member call.The P101_PASSWORD item does not save state. However, you can access the value during submit processing of the login page, for example in the post authentication function of your authentication scheme. People sometimes put code in there to query the user's groups (e.g. with apex_ldap.member_of2) and save them in an application. This item value can then be used in the authorization schemes.
  Regards,
  Christian

• Single sign-on and different usernames and passwords

  Hello,
  I am building a Portal with WLPS 3.5 and WLS 6.0. I tried to get
  information about the background of single sign-on.
  I understand, that I need a Realm (i.e. LDAP Realm) to authenticate the
  user for the first login to the portal (with username and password).
  Now I would like to integrate my webmail-programm (to get emails from
  Lotus Notes via Internet) as a portlet.
  For my understanding the user has to authorizate to get access to webmail.
  Therefore I create a ACL for webmail and this ACL is assigned to my
  security Realm.
  I would like the portlet to show after login the number of mails for the
  specific user. But where are the username and password for webmail stored
  and how are they received and forwarded?
  I understand that my ACL included all users that have access to webmail
  (i.e. all users). But I only want emails for the specific user.
  Does WLS get all usernames and passwords while the first login? Do I have to
  implement a algorithmen to get the specific username and password for the
  requested resource in my portlet?
  Has anyone solved a similar problem or can tell me where I can get more
  information. I read the WebLogic Security document but I cant find a
  answer to my questions.
  Thanks
  Lydia

  Lydia,
  I'm not an expert in this area, but I can give you a start.
  As for single sign-on, there are different levels. For single sign-on across web-apps,
  the servlet spec requires this (section 12.6 of th 2.3 spec) and therefore Weblogic
  does this.
  What you are talking about is single sign-on across back-end applications through
  a web-app. BEA has partnered with Securant (just acquired by RSA) to provide this
  kind of functionality. Browse to http://www.rsasecurity.com/products/ and look
  at the ClearTrust product. BEA has also partnered with Netegrity (www.netegrity.com)
  with their SiteMinder product. Neither is included in the Weblogic license. I'm
  sure either vendor would be excited to explain how their product will solve your
  problem if you give them a call.
  As for where the username and passwords are stored, that is up to the realm. If
  you are using the default WLPS RDBMSRealm, the username and encrypted password
  are stored in the WLCS_USER table. If you are using LDAPRealm, they are stored
  in your LDAP server.
  Hope this was useful!
  PJL
  [email protected] wrote:
  Hello,
  I am using PersonalizationServer 3.5 and WLS 6.0 SP 2.
  Now I try to unterstand the functionality of Single sign-on when a user
  has different usernames and passwords for different applications.
  Can someone explain where the usernames and passwords for a user are
  stored (all in the LDAP-realm or a RDBMS-realm?) When a user access the
  application how username and passwords are mapped? Or usernames and
  passwords for all applications are the same and will be equalized?
  Precisely I would like to get access to a mail-account for a specific
  user
  (webmail from Lotus Notes).
  Thanks for any help
  Lydia

• Single Sign On and URL's generated from SolMan

  Is it possible to generate single sign on URL's from Solution Manager - or more clearly is it possible to generate URLs to documents that will take advantage of Single Sign On that has already been setup?
  Thanks
  -  Jackie

  Hello Jacqulyn,
  What do you mean by generating SSO URL ? Do you mean you want to developp code that generates this URL or using a standard functionality ?
  Best regards,
  Stéphane.

• Single Sign on and Protect URL step

  Hi,
  I have successfully installed Oracle Internet Directory, Identity Server, Web Pass, Policy manager, Access Server and WebGate (attached to Oracle HTTP Server from Oracle Management Infrastructure).
  My questions are:
  - How do I protect URL so the user will need to login to access certain URL?
  - How do I enable single sign on and test it?
  - What are the general steps involve to enable URL protection (so if the url is protected it will prompt for username and password) and single sign on using Oracle Internet Directory?
  Kindly help me if anyone know a solution or can point me to the right documentation. I have tried to read Oracle Access Manager - Access Administration Guide, but keep getting confused.
  Thanks.
  Regards,
  Alfonso

  Hi,
  You can follow Oracle Access Manager Integration Guide (10.1.4.0.1) B25347-01, chapter 4, to achieve this. This document will answer most of your questions.
  Regards,

• Single Sign-On Netweaver Portal with Cornerstone On Demand

  Hi
  Does someone experiences with Single Sign-On between SAP Netweaver Portal and the Learning Management System of Cornerstone On Demand?
  The options are:
  - SAML: but at this moment we don't have SAML provider. Is it easy to use this with Netweaver 7.01 SP6 ?
  - standard SSO : encrypted string between SAP portal and LMS: client sends encrypted string with userid...based on encryption algorithm.: Has someone developed this (java code) for SSO to an other system?
  But can they use Sap Login Tickets?
  Best regards
  Luc

  Hi,
  I just recently implemented SSO between SAP system and on demand solution from 3rd party provider. We didn't have any guy with Java skills so we implemented HTTP handler in SICF that generates web page with redirection to the 3rd party system. ABAP does not have a good support for various encryption algorithms so we used javascript interpreter available in ABAP AS. Portal just points to ICF service on ECC system that redirects to on demand solution. Implementation took one day. Obviously, in this case all users had to have account in ECC system.
  Cheers

• Single Sign-On (Portal to R/3 Backend)

  Hi all,
  Iu2019m trying to implement Single Sign On (SSO) between our SAP portal (front end) and SAP R/3 ECC 6.0 Backend.  Keep in mind this has nothing to do with Active Directory.
  I read posting after posting from this site and I canu2019t tell you how much documentation and canu2019t seem to get to the root cause of the problem.
  To sum it up, the Test connections in the Portal, which there are 3 (SAP Web AS Connection, ITS Connection, and Connection Test for Connectors)
  The connection tests work for the first 2.  The one that fails is the Connector.
  The errors are not much help.  Here is what I get.
  Test Details:
  The test consists of the following steps:
  1.     Retrieve the default alias of the system
  2.     Check the connection to the backend application using the connector defined in this object.
  Results:
  1.     Retrieval of default alias successful.
  2.     Connection failed.  Make sure the Single Sign-On is configured correctly. 
  Details:       Portal Host name = lansapdep01
       Backend Host name = lansapdev01
  Property Category:  Connector
  Application Host = lansapdev01
  Gateway Host = lansapdev01
  Logical System Name = devcln150
  Remote Host type = 3
  SAP Client = 150
  SAP System ID <SID> = DEV
  System Number = 01
  Server Port 3600
  System Type =  SAP R/3

  You use Server Port 3600, message server.
  It means, while creating a system you used wrong template and picked "SAP system using dedicated application server".
  You should use "SAP system with load balancing", since message server is doing load balancing.
  Once you selected correct template you will see "Message Server" instead of App and GW servers.
  Make sure to fill in
  Group  - Logon group to use. If not defined in R3, use SPACE
  Message Server - ansapdev01
  SAP Client = 150
  SAP System ID <SID> = DEV
  Server Port 3600
  System Type = SAP R/3
  It should work.
  Regards,
  Slava