Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Domino Web Access Single Sign On not working after upgrade

meh_
Frequent Contributor
‎07-31-2011 11:42:PM
‎07-31-2011 11:42:PM

Domino Web Access Single Sign On not working after upgrade

After my upgrade to 7.1R3 from 6.3R5 SSO no longer functions for Domino Web Access. Can someone assist with troubleshooting this? I've tried so many options without success. I see a lot more SSO options with the new version.

Previously there was an autopolicy in place for this web resource using Basic Auth using predefined credentials of <USER> and <PASSWORD> and it worked fine. Not I'm seeing this credentials section with BA_Upg_2, etc. No idea what that is and where it's configured.

Any assistance would be great.

Thanks

0 Kudos
10 REPLIES 10
Kristof_
Contributor
‎06-17-2011 09:31:PM
‎06-17-2011 09:31:PM

Re: Domino Web Access Single Sign On not working after upgrade

Hi Meh,

When you do a Policy trace ... do you see that you hit an SSO policy for your DWA resource profile?

If you're not seeing anything there, it would be logic that you don't see any attempts in your Notes logs.

You're saying you're trying to do SSO but how is your link between the username that users enter at logon to your SA and their Notes username in the Domino Directory? Just curious ... Smiley Happy

Thanks

Kristof

0 Kudos
VVJ_
Contributor
‎08-01-2011 05:21:AM
‎08-01-2011 05:21:AM

Re: Domino Web Access Single Sign On not working after upgrade

There have been some changes around this area in the newer releases of the SA OS due to the addition of Kerberos SSO options. You could check the configs under Resource Policies > Web > General and Kerberos/NTLM/Basic SSO sections.

0 Kudos
meh_
Frequent Contributor
‎08-01-2011 04:44:PM
‎08-01-2011 04:44:PM

Re: Domino Web Access Single Sign On not working after upgrade

I have been playing with these settings with no luck. See attached print screen. What do the options under "Enable Intermediation with Credential" mean with the option of BA_Upg_2?

0 Kudos
VVJ_
Contributor
‎08-02-2011 05:33:AM
‎08-02-2011 05:33:AM

Re: Domino Web Access Single Sign On not working after upgrade

Could you try this,

- Go under Resource Policies > Web > General > Basic Authentication SSO Settings.

- Check "Enable Basic Authentication SSO"

- Make sure that the BA_Upg_2 is set to use "Variable" Credential Type and the values for "Username" and "Variable Password" are set to <USER> and <PASSWORD> respectively.

- Save the changes and try the user access again.

0 Kudos
meh_
Frequent Contributor
‎08-02-2011 04:21:PM
‎08-02-2011 04:21:PM

Re: Domino Web Access Single Sign On not working after upgrade

Yeah tried all that, didn't work unfortunately. See attached screenshot.

0 Kudos
meh_
Frequent Contributor
‎08-02-2011 05:53:PM
‎08-02-2011 05:53:PM

Re: Domino Web Access Single Sign On not working after upgrade

I don't know if this helps troubleshooting, but I added my own credentials into the BA_Upg_2 as static credentials, and sso still didn't work.

0 Kudos
VVJ_
Contributor
‎08-02-2011 09:36:PM
‎08-02-2011 09:36:PM

Re: Domino Web Access Single Sign On not working after upgrade

Sorry to know that the suggestions did not work. I suggest that you open a JTAC case to troubleshoot this further.

0 Kudos
meh_
Frequent Contributor
‎08-03-2011 10:39:PM
‎08-03-2011 10:39:PM

Re: Domino Web Access Single Sign On not working after upgrade

I've just attached the Domino logs. You can see in the old firmware attachment there is authentication details with a process time. In the new firmware attachment there is no authentication details, and the process time is 0, indicating it hasn't even attempted to pass the credentials. Any ideas?

0 Kudos
meh_
Frequent Contributor
‎08-04-2011 05:46:PM
‎08-04-2011 05:46:PM

Re: Domino Web Access Single Sign On not working after upgrade

I know everyone has given up on me, but I'm being persistent.

I just found this comment in the admin guide that could be the cause of my issue:

When upgrading an SA series appliance or performing a new install, the default SSO policy of BasicAuthnoSSO is preserved. Even if all sections of the General tab are enabled, SSO will not be enabled until the BasicAuthNoSSO policy is deleted.

This could be my problem but I can't find the BasicAuthNoSSO policy anywhere. Either it's already deleted or it's hiding somewhere.

Any assistance would be great.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.