I've just updated to 6.4r5.1 and my SSO is now broken with Domino Web Access.  Any one got this working?  I've tried playing with the SSO settings with the Resource Policies but nothing I am doing seems to work.

Any suggestions before I rollback?

Thanks

i upgraded last week to 6.5R3.1 and the same SSO problems i had on 6.5R1 still exist, mind you i am using WSAM with no host checker but for Microsoft Sharepoint which hosts our portal and Carbon Copy which we use to connect to remote machines, sso creds are not being passed and users are getting a prompt to enter credentials, even though i am using NTLM SSO with fallback to NTLM V1 unchecked and {domain} {variable} <USERNAME> <PASSWORD> users are still getting prompted to enter credentials. hopefully they didnt sweep this problem under the rug.

I noticed that SSO changed in 6.4 as well. We were using auth header for SSO and that stopped working. Had to switch to form post for now until resolved. Where did you configured your SSO, in a profile of with policy directly. You will want to check the configuration because it has all changed.

Haven't had the Host Checker issue but uninstallating the component and letting it redploy usually works.

---

@looking4-2help wrote:

I noticed that SSO changed in 6.4 as well. We were using auth header for SSO and that stopped working. Had to switch to form post for now until resolved. Where did you configured your SSO, in a profile of with policy directly. You will want to check the configuration because it has all changed.

Haven't had the Host Checker issue but uninstallating the component and letting it redploy usually works.

---

In relation to the Intranet and HR site, these were just bookmarks and I didn't have SSO configured at all. It just worked. Not sure how. I tried setting up SSO for these sites with 6.4R2 but it won't work, no matter what I try.

In relation to the Domino Web Access, this is a resource profile and I just setup the automatic SSO that you can configure through the resource profile config. I had Basic Auth with <Username> and <Password> for the parameters. Worked fine in 6.3

In relation to the Host Checker, it is going to be very frustrating for our remote users to have to talk them through removing and reinstalling the Host Checker.

Hi,

We're using Lotus Domino 6.5 and we've the same problem after upgrade to 6.4R1.

I changed the SSO Basic Auth to Remote SSO and automatically pass user
credentials to the Webmail server.
Resource https://yourwebmailurl:443/*
Post URLs https://yourwebmailurl:443/names.nsf?Login

A couple of variable changes:
Username should be <USER>
Password should be <PASSWORD>

Now I can access the webmail without re-authenticating.

---

@Manson wrote:

Hi,

We're using Lotus Domino 6.5 and we've the same problem after upgrade to 6.4R1.

I changed the SSO Basic Auth to Remote SSO and automatically pass user
credentials to the Webmail server.
Resource https://yourwebmailurl:443/*
Post URLs https://yourwebmailurl:443/names.nsf?Login

A couple of variable changes:
Username should be <USER>
Password should be <PASSWORD>

Now I can access the webmail without re-authenticating.

---

I'll give it a go. Thanks for that.

Did you have any SSO issues with Web Bookmarks?

I also had a problem authenticating to our intranet and some other web applications. I had to change the SSO Policy under

Resource Polices / Web / BasicAuth and NTLM policies. I changed the policy from Basic to NTLM and then checked the fallback to NTLM V1 checkbox and it authentication worked again. I didn't have to create separate policies for each application.

It seems that when using basic SSO we are being asked to re-authenticate when replying to emails and when trying to attach files. Our SA2500 was on a 6.3 release and working fine.

The reason we went to 6.4R2 was to overcome IE8 problems, but in doing so things seem to have been broken.