| Author |
Message |
![[Post New]](/Sysforums/templates/default/images/icon_minipost_new.gif) 10/05/2012 13:53:52
|
jch.qubiqa
SysAider
Joined: 10/05/2012
Messages: 5
Offline
|
We are setting up Sysaid and want to have Single Sign-on.
LDAP is working and users are imported with no problems.
When I add the following the the "serverConf.xml" file located at ...\SysAidServer\root\WEB-INF\conf we don't get the logon, but a white screen.
<externalLoginClass>none</externalLoginClass>:
<ntlmAuth>
<ntlmParam>
<ntlmParamName>jcifs.smb.client.domain</ntlmParamName>
<ntlmParamValue>DOMAIN</ntlmParamValue>
</ntlmParam>
<ntlmParam>
<ntlmParamName>jcifs.http.domainController</ntlmParamName>
<ntlmParamValue>xx.xx.xxx.xxx</ntlmParamValue>
</ntlmParam>
<ntlmParam>
<ntlmParamName>jcifs.smb.client.username</ntlmParamName>
<ntlmParamValue>sysaid-sso</ntlmParamValue>
</ntlmParam>
<ntlmParam>
<ntlmParamName>jcifs.smb.client.password</ntlmParamName>
<ntlmParamValue>Xxxxxxx</ntlmParamValue>
</ntlmParam>
</ntlmAuth>
I also have made the Group policy :
Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network security: LAN Manager authentication level set to "Send LM & NTLM responses".
Any ideas ??
|
|
|
10/05/2012 14:56:03
|
Joseph Zargari
VP Customer Relations
Joined: 26/03/2006
Messages: 518
Offline
|
Hi jch.qubiqa,
1. Which version of SysAid do you use?
2. Where did you make the LAN Manager authentication level modification? Was it made on the domain controller, SysAid server or user workstation? It should be done on all three (eventually, on all computers in the network)...
Thanks,
Joseph
|
|
|
11/05/2012 07:57:39
|
jch.qubiqa
SysAider
Joined: 10/05/2012
Messages: 5
Offline
|
Hi
We have installed version 8.5.08.
The LAN Manager authentication level modification was made with the PS's as target, bus as I read your reply it must be applied to Domain controllers and the Said server as well?
|
|
|
14/05/2012 07:26:29
|
Joseph Zargari
VP Customer Relations
Joined: 26/03/2006
Messages: 518
Offline
|
Yes, you should configure the LAN Manager Authentication Level on the DC and SysAid server as well.
Joseph.
|
|
|
14/05/2012 09:08:23
|
jch.qubiqa
SysAider
Joined: 10/05/2012
Messages: 5
Offline
|
Hi Joseph
We only had to apply the policy to the PC's and the SysAid server.
Now it works with IE.
Thanks...
|
|
|
14/05/2012 22:00:25
|
scottm
SysAider
Joined: 14/05/2012
Messages: 4
Offline
|
I'm having the same problem. Lan Manager policy applied to SysAid server, client and DC. 
|
|
|
15/05/2012 06:06:58
|
jch.qubiqa
SysAider
Joined: 10/05/2012
Messages: 5
Offline
|
Server here is 2008 R2 Enterprise and PC's are Windows 7.
|
|
|
15/05/2012 10:45:34
|
Joseph Zargari
VP Customer Relations
Joined: 26/03/2006
Messages: 518
Offline
|
scottm wrote:
I'm having the same problem. Lan Manager policy applied to SysAid server, client and DC.
Which version of SysAid server are you running? Can you paste here the lines you added to your serverConf.xml file?
Thanks,
Joseph.
|
|
|
15/05/2012 16:00:34
|
scottm
SysAider
Joined: 14/05/2012
Messages: 4
Offline
|
Actually - I'm not getting the blank screen anymore. Now I'm getting the following custom error:
User XXX\YYY does not exists in SysAid database.
Please contact the server administrator,YYY@XXX.com and inform him/her about the problem.
Makes sense - from what I recall SysAid stripped the domain when we imported from AD - and XXX\yyy surely <> yyy... 
|
|
|
15/05/2012 16:06:38
|
scottm
SysAider
Joined: 14/05/2012
Messages: 4
Offline
|
Sorry - version 8.5 trial.
|
|
|
16/05/2012 13:06:28
|
Joseph Zargari
VP Customer Relations
Joined: 26/03/2006
Messages: 518
Offline
|
scottm wrote:
Actually - I'm not getting the blank screen anymore. Now I'm getting the following custom error:
User XXX\YYY does not exists in SysAid database.
Please contact the server administrator,YYY@XXX.com and inform him/her about the problem.
Makes sense - from what I recall SysAid stripped the domain when we imported from AD - and XXX\yyy surely <> yyy...
Are your users imported into SysAid from AD? If not, please make sure to complete the LDAP integration first. If you did, please contact support to further troubleshoot this...
Thanks,
Yosi.
|
|
|
![[Up]](/Sysforums/templates/default/images/icon_up.gif){kind=icon}
