SSO not wrking in multiple domains

Similar Messages

• Multiple GWIAs : multiple domains too or not?

  First off, let me confess that this is near the end for our GW system. The reason for creating GWIAs in this manner is to migrate our users' email to another system via IMAP. We have ~6000 users and > 500GB of messages to move.
  With that being said...
  I have not been impressed with the GWIA and its ability to handle what is now "routine" message amounts. We were plagued with daily crashes (sometimes hourly) for months until we got a solution to impose the "imapreadlimit" switch in the GWIA configuration file. It has helped, but I doubt that in its current configuration, our current IMAP GWIA is able to cope with increased load. I am planning on building a few more GWIAs such that when it comes time to hit the button on the multiple-batch IMAP moves, we will have a half dozen or so GWIAs to handle the load. I am mostly concerned with the stability of the internet agents themselves, hence the large number of GWIAs. Novell's doc highly recommends to have the GWIA and domain to live on the same box, but it isn't required. I am faced with now creating a half dozen new domains (which also must sync changes between them and our main domain) in order to get more GWIAs. Or is this not really necessary?
  With my concerns being primarily the GWIAs' stability, is having multiple domains not as necessary? If having multiple GWIAs on multiple systems, what is the preferred method of linking them to a single domain (shared SMB mounts?), and is this problematic if multiple GWIAs would have that share mounted and could be reading/writing to it simultaneously?

  * nebben,
  you don't need GWIAs for IMAP, the GW8 POAs can do IMAP.
  http://www.novell.com/documentation/...a/ak8h81j.html
  Uwe
  Novell Knowledge Partner (NKP)
  Please don't send me support related e-mail unless I ask you to do so.

• Issuing Multiple MYSAPSSO2 tickets for Multiple Domains

  Hi,
  I am having a problem understanding the SAP documentation on how to go about issuing SAP login tickets in multiple domains. In the documentation it states that in order to do so, you require either a IRJ or the SAP ISAPI Web Filter installed in on a server in the target Domain. I have now setup the IIS_SSO.dll ISAPI filter in the domain I require the SSO ticket to be issued in however when I make a request to that webserver I do not see the MYSAPSSO2 cookie being created in my browser, I do see in the ISAPI logs that the request has been filtered and the portal username extracted and set to the configured HTTP Header, but no new Cookie created in the DOMAIN.
  Can anyone help? Has anyone done something like this before?
  Basically I have a portal in the domain <b>myportal.subdomain.domain.com</b> and an ITS in the domain <b>myits.domain.com</b>. With this configuration the MYSAPSSO2 cookie is not sent to the ITS server as it is in a Super Domain. So what I want is to configure the portal to issue a Cookie in the super domain (domain.com) rather then subdomain.domain.com. I thought I could do this with the parameter login.ticket_recieving_hosts in the usermanagment.properties file (EP5) and the IIS ISAPI filter to SSO (IIS_SSO.dll) configured on a website in the super domain (domain.com).
  Any help would be greatly appriciated.
  Simon.

  I believe we had to set the domain relax level (ume.logon.security.relax_domain.level) but needed to make sure this was secure since it changes the domain scope of cookies that are valid for the system.
  See the following:
  http://scn.sap.com/thread/1534863
  http://help.sap.com/saphelp_nw70ehp3/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm
  Hope this helps.

• Kerberos - Multiple Domain logon using MS Acitve Directory (AS JAVA 7.0)

  I tried to find document/steps to configure the UME LDAP data source in AS JAVA 7.0 to support multi-domains in a domain forest. Our multiple domains have bi-directionaly trust.
  Based on note 994791, the video/demo only shows you how to configure this by creating one J2ee server user in each domain. Then, add data source in the UME xml file for each domain. However, in the note, it also mentioned that for a domain forest, you don't need to do this. You only need to use one j2ee server user. But it didn't provide demo / video / steps in terms of how to implement it - especially how to configure the UME in this scenario.
  (I have successfully configured the system to SSO to one single domain.)

  With help from Holger Bruchelt (who created blogs - Configuring and troubleshooting SPNego -- Part 1,2,3), our multiple domain logon under a global catalog is working. Use note 762419 for reference. Make sure the Java service user account you created can see users in other domain. Make sure the path you use in UME is at the top level that include all the domains. Make sure the port you use is the global port to have read-only right to all domains.

• Multiple Domain files, Multiple Sites, Publishing Problems

  I am frustrated beyond belief. I'm an old hand-coder, coming from BBEdit, but I've been using iWeb almost exclusively since its release, because it really is a great product for quick, easy, stylish designs.
  However.... In that year, my collection of sites has grown to 12. Discovering that iWeb becomes a major dog when dealing with that much material, I found and followed the instructions - today - to separate my sites into individual domain files, and edit them individually. iWeb is much snappier and publishing goes much more quickly.
  The problem? Well... after editing, "Publish to .Mac" rarely works. Only "Publish All to .Mac" will get the site online (something about an error with the index.html file). But "Publish All to .Mac", I've just discovered, DELETES the other websites that I have previous published. All day I've been doing updates and publishing my sites, only to discover that the uploads have all been wiped out by the most recent one!
  I'm a big enough fellow to admit that my knowledge isn't total nor perfect - so please, would someone out there with a better handle on iWeb than I (preferably someone who actually deals with multiple domain files rather than someone who thinks they can guess the problem) please clue me into how we make use of this program non-destructively?
  I suppose I could always publish everything to folders and upload it to my iDisk (which itself remains ridiculously slow after how many years now? Sheesh!), but that detracts from the elegance of the .Mac integration, the counter features, - not to mention the little fact that I'm a paying .Mac customer and this darn thing should just work, no?

  Mark:
  I was where you were also. You should give iWebSites a try. It's to iWeb what iPhoto Library Manager is to iPhoto.
  I use iWebSites to manage multiple sites.. It lets me create multiple sites and multiple domain files.
  If you have multiple sites in one domain file here's the workflow I used to split them into individual site files with iWebSites. Be sure to make a backup copy of your Domain.sites files before starting the splitting process.
  This lets me edit several sites and only republish the one I want. Just remember to put a copy of your current Domain.sites file somewhere else on your HD in case the splitting gets messed up. It went very smoothly for me and I now manage 19 or so sites.
  Do you Twango?

• How to create a muse site in various languages with multiple domains

  I have been asked to create a website for a product. A very simple website with maybe one or two pages and one product for sale for which the client would like Paypal as the payment gateway. Simple right?
  No! This client would like to market their product into Europe, they would like to purchase multiple European domains ( .fr, .de for example).
  So how on earth can I do this? I will be using Muse for build and Business Catalyst for hosting.
  Bearing in mind the client will not want to pay for separately hosted sites. Is there a way of translating the text for each domain. Or could I assign multiple domains but direct them to different home pages within the same site?
  I haven’t a clue how to problem solve this.

  Hi,
  Some links that might be useful,
  how to set up a multilingual website with Adobe Muse and push it live to Adobe Business Catalyst
  Re: How can i create different languages for my page?
  How can i create a multilingual website?
  how to create a multilingual site
  Do let me know if you have any question.

• Multiple domains and multiple IPs in the same MacMini Server

  I am sure that this topic has been faced already but I cannot find enough information to really dig into a solution.
  I have a macmini server with two IPs let say x.x.x.12 and x.x.x.13 .
  The server is set up on the first IP. It has his primary zone, machine record, mail aslias and www alias.
  Lets call the server domain server.domain1.com
  Everything works fine I have a couple of local users and a couple of LDAP users. Just to test the machine setup.
  I can send and receive emails using any of the users as [email protected]
  Now I would like to have another domain, domain2.com in the same server .
  The final goal is to have users under different domains. They have their own email box, calendar, etc.
  It will be preferable that I can share the same username with different domains. But I can live without that option.
  My first test was to have the second domain called server.domain2.com using the second IP. x.x.x.13 .
  For that I created another Primary Zone with domain2.com as machine record of x.x.x.13 . To use the second IP I simply create another Ethernet interface on the macmini.
  In the Mail -> Advance settings I added the host aliases as well as virtual hosting domains for domains2.com.
  With this setting I can send emails as [email protected] or [email protected] but when I replay to their messages I get a "Relay access denied" error from server.domain1.com .
  I also tryed another domain pointing to x.x.x.12, the same as server.domain1.com . I did not create any extra Primary Zone but the local host aliases and the virtual hosting domains.
  Same issue. I can send but I get a "Relay access " error.
  As you might notice I am a novice on servers settings. I just try to recreate a similar environment common to Virtual Hosting providers for my own website playground but I cannot cut through this email configuration obstacle.
  Any significant meaning that can be leading me to learn how to do it will be very very appreciated . (beside lynda,com tutorials that I followed already but do not mention multiple domains for mails).
  Thanks

  the problem I try to solve is to manage multiple domains in one MacMini Server.
  Having two IPs is secondary.
  I would like that each domains has his own users with emails, iCals, Wiki and web sites.
  The main problem is having emails to work for any additional domain beside the default one on the machine IP.
  I also got an additional IP address to be used on the same server hoping that it make things easier but apparently is making things more difficult.

• Start multiple domains simultaneously on 1 Weblogic server installation?

  Is it okay to start and run multiple domains simultaneously. Better yet, when having multiple domains on 1 WLS server, should each domain have a different port number in order to be run simultaneously?
  Here's my scenario - I installed Oracle Business Intellgence, which by default installs and configures WLS server for certain Business Intelligence applications (BI Publisher). This instance was running fine and good and still is.
  Then I had another application, Oracle Data Integrator, which has a Console piece that requires a domain on WLS. So instead of modifying the existing domain for Oracle Business Intelligence, I created a new domain via the Configuration Wizard and selected those components for Oracle Data Integrator.
  therefore current domains:
  ...\domains\bifoundation_domain --> installed automatically as part of Oracle Business Intelligence
  ...\domains\odi11g --> I created this domain after I
  Now I have 2 domains under 1 WLS Server (windows 7 64bit), but if I startWeblogic.cmd for the bifoundation_domain, and I startWeblogic.cmd for the odi11g...then only the components for the bifoundation_domain become available via the WLS Console.
  Questions:
  - Can I run both domains simultaneously?
  - Should I have modified the bifoundation_domain to include Oracle Data Integrator component; therefore only having 1 domain but having everything run under that domain?
  - Does the Port for each domain matter? both bifounddation_domain and odi11g domain use ports 7001
  Are there any other considerations? Thanks much.

  Hi,
  It is perfectly OK to run multiple domains on a single Weblogic server installation. Only constraint would be you have enough capacity available on your server to start multiple instances.
  Things to note is, if your domain1 is running on listen address : port { localhost : 7001 } then your other domain should be configured on a different port say {localhost : 8001 }. If you want both domain to run on same port then go for virtual IP's to be plumbed on your physical network interface and configure as,
  domain1 - { ip1 : 7001 }
  domain2 - { ip2 : 7001 }
  this way you will can access both domain admin console on same port.
  Remember, Weblogic resources cannot be shared between domain, however a single nodemanager will be enough to monitor both the domains.
  * rank it if answer is helpful :) *
  Thanks,
  Ranjan

• Multiple Domain Files

  A lot of questions are asked in this forum about managing multiple domain files and splitting existing ones.
  The "solutions" seem to be either to use an application such as iWebsites or to duplicate the domain file into folders and delete the appropriate sites.
  When I first loaded iWeb '08, I kept a copy of a blank domain file and use this to start a new site by duplicating it into a new folder and double clicking it to launch iWeb.
  My main reason for doing this was to overcome the inability of iWeb to create a new domain file from the "File" menu.
  I have stayed with this, not only for speed and convenience, but because I read this...
  http://11mystics.com/blog/2007/09/08/how-do-you-manage-multiple-domain-files-for -iweb/
  and also this....
  http://discussions.apple.com/thread.jspa?messageID=6261141&#6261141
  These comments are from two people who dig deep under the hood of iWeb and whose opinions I respect and have taken to heart.
  Is this the best way to create new domain files?
  Am I being over cautious?
  Am I totally deluded?
  The last question is open to psycho therapists only !

  UUIDs are like finger prints in Domain.sites2. There are ways to start new Domain.sites2 without duplicate an existing one:
  1) move the last accessed Domain.sites(2) from its location, or rename the holding folder.
  2) change com.apple.iWeb.plist setting, I post the procedure here:
  http://discussions.apple.com/thread.jspa?messageID=6007612&#6007612
  This can be done with AppleScript or Unix shell script. Doing so will get you new Domain with new UUID.
  When you duplicate a blank domain, you also duplicate its UUIDs, as of now there seems to be OK as long as you keep domain separate. However, we do not know what Apple will do in the future releases, here is UUIDs usage progression in iWeb:
  We did not see much of them in iWeb1, because iWeb1 Domain.sites is flat structure.
  We see UUIDs everywhere in iWeb2 Domain.sites2, from top to bottom; every page has it own UUID.
  So, I would be skeptic about having duplicate UUIDs; even in separate domain packages.
  I ran a cross this when a friend asked me to merge his Domain.sites2 packages, and I thought people should be aware of it.
  I ended up write Applescript applications to merge, extract sites and clean existing Domain.sites2 package by assign new UUIDs.

• Multiple domains pointing to 1 site

  Hi..
  If I add multiple domain names to a BC site, just using the "New Domain", does the system handle it in such a way that its not regarded as duplicate content? There is 1 default domain, so how are the rest of the domains treated if added, ie does it use 301 redirects so as to avoid the possibility being penalized by Google?
  If this is not the way to do it, can anyone explain how to deal with this, as there is nothing in the knowledge base on how to go about it.....

  Hi Liam,
  Couple of things...
  "You have google indexing multiple domains. If those domains contain the same content - Duplicate Content." 
  That's clear - thanks.
  "You say 301 redirects so I am gathering there are multiple domains to point to one set of content. "
  Yes, the client has bought a few different domain names, all which they want pointing to the same website. (Bad practice huh?)
  "Was it an attempt to improve SEO"
  Yes, seems everyone is a self professed SEO expert these days!
  Anyway, what is the best/simplest way to deal with this type of thing?

• Multiple domains and some informations...

  Hi,
  I have 2 questions,
  1st : Can I manage multiple domains (for 2 or 3 companies) on the same OCS installation (on the same Linux computer without virtualisation) ?
  2nd : How much RAM have I need for the Windows computer (with voice/fax/conversions) in a company wich have 3 or 4 users maximum (not 250 at the same time...) ? I ask this because, in the documentation, I can read 8 GB of RAM ! And it's very expensive and I don't think that I need 8GB of RAM for 3-4 users...
  Thanks

  I can confirm that files works with more then one domain (currently running 5). This is on a setup with 2 machines running RHES 3 (both 3 Ghz Xeon with 2 GB Memory). The only nasty thing I discovered is that I cannot remove a domain....
  I can also confirm that Andreas is one of the people that can really help with configuring email on OCS (I had some serious problems because of a bit to much tweaking ;) ). It is rather different then a more common setup (e.g. postfix and cyrus), but hardly impossible.
  For voice there are more solutions then the windows thing Oracle offers. My personal favorite is asterisk which is a full blown PBX, but it's a ^%&*$# to configure if you are not known with the telco lingo. All features you need (conferencing, fax to email etc.) are availlable. It is fun to play around with though.

• Multiple domains for tracker.js

  I'm using the personalization functionality of CQ 5.4, which appears to force a request for http://localhost:4502/libs/wcm/stats/tracker.js when pages load. According to the docs at http://dev.day.com/docs/en/cq/5-4/deploying/configuring_cq.html#OSGi Configuration in the Repository , I should be able to override this URL by adding some nodes to /apps/projectName. However, my tests seem to show that doing so for one project affects all sites on the server. In production, the client has a number of domains all running on one CQ instance.
  1) Is there a way to remove this request altogether without modifying any JSPs in the /libs folder, or inheriting/overriding them?
  2) Is there a way to support multiple domains?
  The best solution I've come up with so far is creating a generic domain like cq-tracking.clientName.com, and having all sites use that.

  See the following:
  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.
  shtml
  *Perform Multi-Domain Searches (Optional) *
  *Optional.* The ASA currently does not support the LDAP referal
  mechanism for multi-domain searches (Cisco bug ID CSCsj32153).
  Multi-domain searches are supported with the AD in Global Catalog Server
  mode. In order to perform multi-domain searches, setup up the AD server
  for Global Catalog Server mode, usually with the these key parameters
  for the LDAP server entry in the ASA. The key is to use an
  ldap-name-attribute that must be unique across the directory tree.
  server-port 3268
  ldap-scope subtree
  ldap-naming-attribute userPrincipalName
  If global catalog server is not an option for you, you can always create two seperate SSL tunnel-groups and two seperate LDAP aaa-server groups and this would also allow you to do two AD domains (but the drawback is that you would have to inform the user which group they should select)
  -heather

• Multiple Domains on NWDI

  Hi experts!
  I've started using NWDI, and i've noticed that i already have 23 tracks. I would like to group tracks by some kind of category.
  As far as i understand, the domain tab could function like a category to group my tracks.
  But when i go to "Domain Data" tab the field domain id is readonly and is a textbox.
  There is any way to create multiple domains, each one with ther own tracks?
  If not, there is some way to reproduce my requirements?
  I think installing CMS on another server is not really a good option because the code and development will not be integrated on one place, right?
  Thank you guys.

  Hi Nuno,
  I don't think you can group using domain tab.
  >There is any way to create multiple domains, each one with ther own tracks?
    No Option available in NWDI.
  Refer to http://help.sap.com/saphelp_nw70/helpdata/en/f2/7c04702864304bb38e0b1cd6667c2b/content.htm
  SAP NetWeaver Development Infrastructure (NWDI)
  Hope it helps
  Regards
  Arun

• Multiple domains via DHCP (option 15)

  It seems Mac OS X (I use 10.4.10 but I suspect it affects many versions) is incompatible with receiving multiple domain names in a single string over DHCP Option 15.
  If DHCP returns Option 15 with "exampledomain.com eng.exampledomain.com", then any lookup (using dig, ping, Microsoft Entourage, etc.) of a non-fully qualified domain name will fail.
  You can see this in the /etc/resolv.conf file, which contains:
  domain exampledomain.com eng.exampledomain.com
  nameserver 10.X.X.1
  nameserver 10.X.X.2
  I know that putting multiple domains within the same "domain" option in DHCP is a proprietary hack but some networks still use this. Has anybody run into this and have they found a good resolution to make Mac OS X work with multiple domains?

  While a single mailbox can be configured to receive on multiple addresses (called "proxy addresses" or "aliases"), the mailbox is configured with only one primary SMTP address (outbound address).  So if your requirement is to send
  as the received address, you would not be able to do that with a single mailbox through normal means.
  Some people have developed a workaround to the above limitation by configuring Outlook to use multiple POP3 accounts for a single mailbox.  See this link for additional details: 
  http://blogs.technet.com/b/hot/archive/2012/04/26/how-to-add-an-alias-to-an-office-365-account-and-how-to-set-up-outlook-to-send-email-messages-as-this-alias.aspx
  I would also be sure to look at the client requirements for Exchange Online.  The supported version of Outlook is going to be Outlook 2010 SP2.  Older versions may work but would not be supported.  Outlook 2003 would at best possibly
  connect via POP3.
  Joseph Palarchio http://www.itworkedinthelab.com

• Windows Server - Run multiple domains under different accounts

  Hi,
  I have multiple domains on a Windows Server. I'd like to run these under separate accounts for security reasons.
  My options I have so far:
  1) Install all Admin servers and managed servers as windows services and set logon appropriately
  2) If possible, use multiple node manager instances, one for each domain and set the log on for each node manager windows service
  I like the idea of multiple node managers but I can't find any reference in the documentation about this. I'd rather not use option 1 as I won't be able to restart servers from the WebLogic Console
  Has anyone had to do this before?

  First option might be the cleanest .
  For second option make sure that there are separate Node_Manager home directory for different node manager instances.
  Edited by: atheek1 on Jun 19, 2010 4:55 AM