We make a role-policy-resource with sso. A intranet who login the user from AD (ntlm, basic auth, or kerberos works perfectly in ie 6 scenary).
We make tests with ie 6 and it works. But, when we go to production scenary see this issue: It doesn't works with other version of explorer (7,8,9), mozilla or chrome.
Thanks in advance.
Could you pplease let us know what the backend resource is and how the sso policy is configured on SA
Kerberos/ntlm/basic or form post.
The resource is a web address where the people goes to login.
I try with:
and where IE6 works in IE7, IE8, chrome, mozilla no.
Unfortunately, each of those browsers handles credentials differently and it is possible for what you are seeing to happen due to changes by Microsoft in IE; Firefox is more picky about URL matching and redirects, and Chrome is not supported.
I would recommend working with JTAC on this with the following logs for a working (IE 6) and then as many non-working sessions as you desire:
1) TCP dump on the internal port
2) dsrecord for the user
3) policy trace for the user (set to only record the SSO events)
4) user access log (save all logs button; you can do this at the end of all the testings if desired)
Well, I study all the tools from this error but I don't arrive to understand the results...
I'll try again.
no one has gone before something like this?
How he solve this issue?
I have heard of it and seen it once or twice; however, it is not something that is common. It has generally required a modification with the URL or change in policies to support the different browsers; unfortunately, however, there is no set guess available without having the logs.
I'll try to solve this.
does the application use basic or form post?
I try with ntlm, basic and kerberos auth...
now I try with post with the same results...
ok. what is the application you are using?