[prev in list] [next in list] [prev in thread] [next in thread]
List: ngw
Subject: Re: [ngw] Password prompt via AD auth
From: "Joe Brugaletta" <JBrugaletta () braytonlaw ! com>
Date: 2017-12-19 19:01:33
Message-ID: 5A39620D020000B300051E6E () email ! braytonlaw ! com
[Download RAW message or body]
I'm stepping through the TID to set up SSO via AD ( \
https://www.novell.com/support/kb/doc.php?id=7018598 ) When I click on Yast > Windows \
Domain Membership, I get prompted to install "samba-client-32bit" , which then fails, \
because (i assume) that since its an OES machine, it already has a \
Novell-oes-samba-client-32bit installed. When it errors, it asks if I want to \
continue and ignore the error, or cancel. I've been cancelling out of fear of \
breaking something. Has anyone attempted the same thing? I haven't heard back from \
support yet.
> > > Laura Buckley <Laura@laurabuckley.co.za> 12/16/2017 7:43 AM >>>
Hi,
With your POA logs in Verbose... what are you seeing when you login?
Cheers,
Laura
Lifelong Learner
www.laurabuckley.co.za
On Fri, Dec 15, 2017 at 10:55 PM, Joe Brugaletta <JBrugaletta@braytonlaw.com
> wrote:
> Yep, all good there. "domain\myusername". Reading over the TID you
> posted.. so if I understand correctly, if you don't do this.. the users
> need to know the hostname to connect to when launching client? ew! :)
>
>
>
>
> > > > Laura Buckley <Laura@laurabuckley.co.za> 12/15/2017 1:49 PM >>>
> Hi,
>
> Just a small check... go to the command prompt on your workstation -
> "whoami" - does it return the correct domain name and username matching
> your GW username? I've seen discrepancies here before.
>
> Cheers,
>
>
> Laura
>
> Lifelong Learner
>
> www.laurabuckley.co.za
>
>
> On Fri, Dec 15, 2017 at 10:43 PM, Joe Brugaletta <
> JBrugaletta@braytonlaw.com
> > wrote:
>
> > I've stumped GW support on this one too. Haven't seen that one Laura,
> will
> > read.. theres also this one: https://www.novell.com/
>
> > support/kb/doc.php?id=7018598
> >
> > David.. I had the same issue on my computer. The first time it'd prompt
> me
> > for password, and then never prompt again (until reboot). I noticed that
> if
> > i go to Tools > security, i have the option for "remember password" etc
> > checked, but greyed out.. However, my coworker did not have those
> options.
> > I can't think of a setting that would cause ours to be different, other
> > than maybe a "reset client options". Curious if you see the same thing on
> > your account that works the "first time".
> >
> >
> >
> >
> >
> >
> > > > > Laura Buckley <Laura@laurabuckley.co.za> 12/15/2017 1:30 PM >>>
> > Hi,
> >
> > Forgive me if this has already been posted here, but, have you seen this:
> > https://www.novell.com/support/kb/doc.php?id=7019985
>
> >
> >
> > Cheers,
> >
> >
> > Laura
> >
> > Lifelong Learner
> >
> > www.laurabuckley.co.za
> >
> >
> > On Fri, Dec 15, 2017 at 10:00 PM, David Gerisch <
> DGerisch@co.tulare.ca.us>
> > wrote:
> >
> > > I spoke too soon. I've rebooted the PC, and now SSO did not work on
> the
> > > first try.
> > >
> > > I tried three different host names; on the third try, SSO worked.
> > >
> > > Rebooted again, and with the host name (but no domain name), SSO worked
> > > on the second try.
> > >
> > > Rebooted again, and with the host name (and an invalid domain name as
> > > far as I could tell), SSO worked on the third try.
> > >
> > > I don't know if this helps, but after a successful SSO, followed by a
> > > reboot, the host name string in the address field changes to a long
> form
> > > (host.subdomain1.subdomain2.domain). SSO didn't go, but _something_
> > > updated that field to this longer form.
> > >
> > > SSO has worked on the second try, with that long form, a couple times
> > > now.
> > >
> > > What is mildly "interesting" is that for my co-worker who set up the AD
> > > authentication, SSO works on the post office 100% of the time. There
> > > are only two people on this post office (we built it for AD
> > > authentication testing), and I'm the mailbox / account that doesn't
> > > work; and he is the mailbox / account that does. So we do have a case
> > > where everything is good all the time. That case just happens to NOT
> be
> > > me. ;-)
> > >
> > >
> > > > > > "Joe Brugaletta" <JBrugaletta@braytonlaw.com> 2017-12-15 10:28 >>>
> > > Hmm cool glad it worked for ya :)
> > >
> > > So your coworker did all the Linux kerberos stuff the documentation
> > > mentions?
> > > My registry key appears to be an IP address..and I know i have an
> > > "ngwnameserver" dns entry pointing to that IP address, since I think
> the
> > > client always attemps to connect to that hostname first.. but maybe
> > > things have changed over the years.
> > >
> > >
> > >
> > >
> > > > > > "David Gerisch" <DGerisch@co.tulare.ca.us> 12/15/2017 10:13 AM >>>
> > > Thank you very much Joe. That got my problem fixed.
> > >
> > > Yes, I am using Linux POAs. My co-worker who has been configuring
> > > them
> > > has gone through some trying times.
> > >
> > > But your pointing to the TID 7017464 is what fixed my trouble. I just
> > > started experimenting with the name I put in the server field (and is
> > > stored in HKEY_CURRENT_USER\Software\Novell\GroupWise\Login
> > > Parameters\TCP/IP Address). I found that the host name _without_ any
> > > domain name qualifier is what got me in without the password prompt
> > > (SSO
> > > is working).
> > >
> > > Thank you very much for that nudge!
> > >
> > >
> > > > > > "Joe Brugaletta" <JBrugaletta@braytonlaw.com> 2017-12-15 09:17 >>>
> > > David, are you using linux or windows POAs? If using linux, it looks a
> > > tad complicated to get SSO working.
> > >
> > > (snip)
> > >
> > > I also found this.. not sure if it applies to you? Though I'm seeing
> > > conflicting information, I think:
> > >
> > > (snip) states "do not use ngwnameserver"
> > >
> > > but in the gw 2014 R2 documentation, it says:
> > > "Required Hostnames#
> > > The primary GroupWise name server must be designated using the
> > > hostname
> > > ngwnameserver. You can also designate a backup GroupWise name server
> > > using the hostname ngwnameserver2."
> > > via (snip)
> > >
> > >
> > >
> > > > > > "David Gerisch" <DGerisch@co.tulare.ca.us> 12/15/2017 9:08 AM >>>
> > > I have this problem for my own mailbox. I don't know what is wrong,
> > > as
> > > we did the same configuration options for my mailbox as we did the
> > > others; but their's work*. If a troubleshooting flowchart happens to
> > > exist, I would love to see it.
> > >
> > > *Well, obviously, _something_ is different, but I cannot see what it
> > > is.
> > >
> > > David Gerisch
> > >
> > >
> > > > > > "Joe Brugaletta" <JBrugaletta@braytonlaw.com> 12/14/2017 3:57 PM
> > > > > >
> > > I have my gw users authenticating against AD. It appears that some
> > > users get prompted for their GW password when launching the client,
> > > and
> > > some dont. How easy is this to set up so they don't get prompted?
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > ngw mailing list
> > > ngw@ngwlist.com
> > > https://urldefense.proofpoint.com/v2/url?u=http-3A__ngwlist.
>
> >
> > > com_mailman_listinfo_ngw&d=DwIFAg&c=LlH32oy6OBtmot7tcUOx1EUIJYTUxw
> > > ihlBYC0z2BYZI&r=AZydvbLLLnHLl7r8Xp58bWGr_dXaciWrJNWBKhi_0W0&m=mf85TW_
> > > dPWJ9pZF-hazKlEIXKZQOoEgdbSdVSP9n6TY&s=vDfFyGaGzsBPvwEzW29bjBsZOj8fhT
> > > jehZYOSYAgGsc&e=
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > ngw mailing list
> > > ngw@ngwlist.com
> > > https://urldefense.proofpoint.com/v2/url?u=http-3A__ngwlist.
>
> >
> > > com_mailman_listinfo_ngw&d=DwIFAg&c=LlH32oy6OBtmot7tcUOx1EUIJYTUxw
> > > ihlBYC0z2BYZI&r=AZydvbLLLnHLl7r8Xp58bWGr_dXaciWrJNWBKhi_0W0&m=
> > > ZXRkJsREA5d9JiFtREoTckhXGihNd1W0ocHVd66NKSU&s=
> > > afGXWQLVtlgGGCHNCevdaszJr6x3FglycHIYb9af11w&e=
> > >
> > >
> > >
> > > _______________________________________________
> > > ngw mailing list
> > > ngw@ngwlist.com
> > > http://ngwlist.com/mailman/listinfo/ngw
>
> >
> > >
> > _______________________________________________
> > ngw mailing list
> > ngw@ngwlist.com
> > http://ngwlist.com/mailman/listinfo/ngw
>
> >
> >
> >
> > _______________________________________________
> > ngw mailing list
> > ngw@ngwlist.com
> > http://ngwlist.com/mailman/listinfo/ngw
>
> >
> >
> _______________________________________________
> ngw mailing list
> ngw@ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
>
>
> _______________________________________________
> ngw mailing list
> ngw@ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
>
_______________________________________________
ngw mailing list
ngw@ngwlist.com
http://ngwlist.com/mailman/listinfo/ngw
_______________________________________________
ngw mailing list
ngw@ngwlist.com
http://ngwlist.com/mailman/listinfo/ngw
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic