We experience a problem with an SA 4000 and a sharepoint website. We operate an internal sharepoint server (MOSS 2007)
and use our SA 4000 (with IVE OS 6.5 R2) to publish it. We created a web resource profile of type Microsoft sharepoint.
We filled out the necessary fields (Base URL, SSO, etc.) and created the book mark.
We can access the sharepoint site and see published documents, but if we try to
create or modify a document through "explorer view" we can't, shows a pop-up "error copying some of
selected files", and the page responses with a 401 error. In the SA 4000 access log we can see:
"WebRequest completed, POST to http://xxxx:xxxx//_vti_bin/_vti_aut/author.dll from 172.23.5.77 result=401 sent=339670 received=1539 in 10 seconds"
The access url is a "trusted site" in client navigator. In the access role cookies are persistent.
We have tested from different clients:
Windows XP + ie7 + Office 2003
Windows XP + ie8 + Office 2003
Windows XP + ie7 + Office 2007
Windows 7 + ie8 + Office 2007
Could you help me?
Thanks in advanced!
I've been testing and the IVE is not able to correctly pass user credentials to the backend Sharepoint server. The web resource has an Single Sign On autopolicy (NTLM). If we disable the SSO option and manually enter the credentials while accessing the web resource (through Web bookmark), users are able to modify and save the file. I've tested to recreate the policy and web resource but when enable the SSO users aren't able to modify or save the file. Any idea to work NTLM SSO? We don't have kerberos configured. Has anyone set up another method to access sharepoint?
Thanks in advanced
+1 I have the same problem, but with RSA logon and KCD. I've noticed however that the problem occurs with Windows 7 only - XP works correctly. Thus something with Win 7...
http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB11501 looks like a doccumented issue.
anyone know if it will be fixed in upcoming releases?
Well, I today received a suggestion from Juniper JTAC to enable Persistent Session (session setting in profiles) and now the Sharepoint works just fine through IVE !!!
So, try that.
If you enable persistent sessions, wouldn't that be a security risk if your user was using a public computer? The next person that uses it, can log right into your company without credentials as your session has not ended if you did not gracefully log off the IVE.
Enabling persistent session cookie can cause issues if users don't explicitly logout. Below is a snip from KB19908
Workaround: If the user's session cookie is made persistent, then applications may forward the cookie when sending the request to SA and this problem may not occur. However setting a user session cookie as persistent may have undesirable side effects such as leaving user sessions open if they do not logout gracefully. So please refer to the SA admin guide before you make these changes.