Highlighted
Not applicable
481 views

GW14SP1HP2: SSO and Cache mode of client

Good afternoon,

we have found the solution SSO to be wotking fine (see my post
GW14SP1HP2: SSO and POA GroupWise Name Server DNS records).

But I have got one question according SSO. We have discovered, when GW
client uses Online mode, SSO works. When GW client uses Cache mode, SSO
doesn't work as we expected because the user needs to enter his password.
It seems the Caching mode cannot use AD credentials oposite Online mode.

So I have question if I am right. Or we have other problem here.


Thank you.

---

Regards,

-Jan
Labels (1)
0 Likes
6 Replies
Highlighted
Absent Member.
Absent Member.

Re: GW14SP1HP2: SSO and Cache mode of client

dus2002,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com



0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and Cache mode of client

On Wed, 19 Apr 2017 04:30:21 +0000, Automatic reply wrote:

> dus2002,
>
> It appears that in the past few days you have not received a response to
> your posting. That concerns us, and has triggered this automated reply.
>
> These forums are peer-to-peer, best effort, volunteer run and that if
> your issue is urgent or not getting a response, you might try one of the
> following options:
>
> - Visit https://www.microfocus.com/support-and-services and search the
> knowledgebase and/or check all the other self support options and
> support programs available.
> - Open a service request: https://www.microfocus.com/support - You
> could also try posting your message again. Make sure it is posted in the
> correct newsgroup. (http://forums.microfocus.com)
> - You might consider hiring a local partner to assist you.
> https://www.partnernetprogram.com/partnerfinder/find.html
>
> Be sure to read the forum FAQ about what to expect in the way of
> responses: http://forums.microfocus.com/faq.php
>
> Sometimes this automatic posting will alert someone that can respond.
>
> If this is a reply to a duplicate posting or otherwise posted in error,
> please ignore and accept our apologies and rest assured we will issue a
> stern reprimand to our posting bot.
>
> Good luck!
>
> Your Micro Focus Forums Team http://forums.microfocus.com


Good morning,

it seems no other hasn't used SSO with Caching mode.

My problem is that I don't know if SSO should or not work with Caching
mode. Maybe SSO is usable only with Online mode.

Any answer welcome, of course.

---

Regards,

-Jan
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: GW14SP1HP2: SSO and Cache mode of client

Dus2002,

> Good morning,
>
> it seems no other hasn't used SSO with Caching mode.
>
> My problem is that I don't know if SSO should or not work with Caching
> mode. Maybe SSO is usable only with Online mode.
>
> Any answer welcome, of course.


You should probably open an SR on this one.

Pam

0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and Cache mode of client

On Wed, 19 Apr 2017 17:36:34 +0000, Pam Robello wrote:

> Dus2002,
>
>> Good morning,
>>
>> it seems no other hasn't used SSO with Caching mode.
>>
>> My problem is that I don't know if SSO should or not work with Caching
>> mode. Maybe SSO is usable only with Online mode.
>>
>> Any answer welcome, of course.

>
> You should probably open an SR on this one.
>
> Pam


Good morning,

O.K., so I have opened SR # 101063065041.

We will see how things are going.

---

-Jan
0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and Cache mode of client

On Thu, 20 Apr 2017 05:24:27 +0000, dus2002 wrote:

> On Wed, 19 Apr 2017 17:36:34 +0000, Pam Robello wrote:
>
>> Dus2002,
>>
>>> Good morning,
>>>
>>> it seems no other hasn't used SSO with Caching mode.
>>>
>>> My problem is that I don't know if SSO should or not work with Caching
>>> mode. Maybe SSO is usable only with Online mode.
>>>
>>> Any answer welcome, of course.

>>
>> You should probably open an SR on this one.
>>
>> Pam

>
> Good morning,
>
> O.K., so I have opened SR # 101063065041.
>
> We will see how things are going.
>
> ---
>
> -Jan


Good morning,

the result is: the SSO is not usable with other mode than Online.

See below the answer from GroupWise developers:
-----snip
SSO cannot work without a open communication to the POA for security
reasons (the POA does not just take the client's word, it calls the
directory to verify everything).

In caching mode, at startup, the login is against the local store.
Caching mode only talks to the POA during sync.
It is required that caching mode open and run against the local store
even if the POA is down.

The only idea that I can think of is that we could try the POA and skip
the password prompt if the POA is up and could verify our credentials.

But even that would be problematic because the local store and the online
store are not the same store, but a replicated copy. We would be hack-
able. Example: I get a copy of your caching store and log in using
credentials from a test system POA. Part of the SSO security is tied to
the relationship between the online store and the directory user.

So we would have to add code to also guarantee the relationship between
the cache and the online.

This could be done, but is a feature request.
-----snap


Below is the link to the Feature request page I've created:
-----snip
https://ideas.microfocus.com/MFI/novell-gw/Idea/Detail/12804
-----snap

---

Best regards,

-Jan
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: GW14SP1HP2: SSO and Cache mode of client

Thank you for the valuable information Jan. Much appreciated.
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.