Highlighted
Not applicable
529 views

GW14SP1HP2: SSO and POA GroupWise Name Server DNS records

Good afternoon,

our POA server is running on Linux server. Server and client are joined
into AD, there is Kerberos configured too. If we use FQDN (e.g.
gwpoa.example.net) of POA server, SSO is working fine, but we can clients
to connect automatically to POA so we can use GroupWise Name Server, e.g.
ngwnameserver.example.net or ngwnameserver2.example.net DNS records. The
GW doc says we can use this.

We discovered the only right way (SSO to be working) is use FQDN of POA,
not IP address nor GroupWise Name Server. Have we something missed or
overlooked in our configuration? What do you mean?

I would appreciate you to share your experience or advice.

---

Best regards,

-Jan
Labels (1)
0 Likes
5 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: GW14SP1HP2: SSO and POA GroupWise Name Server DNS record

Hi Jan,

I haven't tired this, but have you tried creating CNAME records for ngwnameserver.example.net and ngwnameserver2.example.net?

It's correct that the FQDN is needed to have SSO working seamlessly for the GroupWise client.... at least, that is my experience too.

Cheers,
Willem
0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and POA GroupWise Name Server DNS records

On Wed, 15 Feb 2017 08:16:08 +0000, magic31 wrote:

> Hi Jan,
>
> I haven't tired this, but have you tried creating CNAME records for
> ngwnameserver.example.net and ngwnameserver2.example.net?
>
> It's correct that the FQDN is needed to have SSO working seamlessly for
> the GroupWise client.... at least, that is my experience too.
>
> Cheers,
> Willem


Hi,

thank you for your answer.

I have tried only ngwnameserver/ngwnameserver2 as CNAME records to
gwpoa.example.net record. Is there difference between ngwnameserver to be
CNAME or A record? I think there is a little difference according
receiving answer from DNS point of view.

Thanks in advance.

---

-Jan


0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: GW14SP1HP2: SSO and POA GroupWise Name Server DNS record

dus2002;2451034 wrote:

I have tried only ngwnameserver/ngwnameserver2 as CNAME records to
gwpoa.example.net record. Is there difference between ngwnameserver to be
CNAME or A record? I think there is a little difference according
receiving answer from DNS point of view.



To elaborate on my thoughts here:

The thing is that we want DNS to answer with the needed FQDN. But you are right, CNAME in itself will probably not achieve this... at least not right away. Hence my question if you have tried to see what it's effect would be.

There is another option using DNS, and that's to use an URL record to do a redirect.

Both options are meant as means to point and unconfigured GroupWise client to a PO at first contact.

If you have the option to fix the PO the client needs to talk to, you can pre-populate the "IP Address" key found under "HKEY_CURRENT_USER\SOFTWARE\Novell\GroupWise\Login Parameters".
! Preferably set that parameter only once so the GroupWise client can manage the setting as needed.

I will have the option to try this myself somewhere next week as I'm curious to see the exact workings here myself 🙂

Cheers,
Willem
0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and POA GroupWise Name Server DNS records

On Thu, 16 Feb 2017 05:46:02 +0000, magic31 wrote:

> dus2002;2451034 Wrote:
>>
>> I have tried only ngwnameserver/ngwnameserver2 as CNAME records to
>> gwpoa.example.net record. Is there difference between ngwnameserver to
>> be CNAME or A record? I think there is a little difference according
>> receiving answer from DNS point of view.
>>
>>

>
> To elaborate on my thoughts here:
>
> The thing is that we want DNS to answer with the needed FQDN. But you
> are right, CNAME in itself will probably not achieve this... at least
> not right away. Hence my question if you have tried to see what it's
> effect would be.
>
> There is another option using DNS, and that's to use an URL record to do
> a redirect.
>
> Both options are meant as means to point and unconfigured GroupWise
> client to a PO at first contact.
>
> If you have the option to fix the PO the client needs to talk to, you
> can pre-populate the "IP Address" key found under
> "HKEY_CURRENT_USER\SOFTWARE\Novell\GroupWise\Login Parameters".
> ! Preferably set that parameter only once so the GroupWise client can
> manage the setting as needed.
>
> I will have the option to try this myself somewhere next week as I'm
> curious to see the exact workings here myself 🙂
>
> Cheers,
> Willem


Good morning,

we have created SR # 101054827541, no answer yet.

I will inform if I learn anything new.


Thank you for your helpful hands.

---

-Jan
0 Likes
Highlighted
Not applicable

Re: GW14SP1HP2: SSO and POA GroupWise Name Server DNS records

On Thu, 16 Mar 2017 06:38:48 +0000, dus2002 wrote:

> On Thu, 16 Feb 2017 05:46:02 +0000, magic31 wrote:
>
>> dus2002;2451034 Wrote:
>>>
>>> I have tried only ngwnameserver/ngwnameserver2 as CNAME records to
>>> gwpoa.example.net record. Is there difference between ngwnameserver to
>>> be CNAME or A record? I think there is a little difference according
>>> receiving answer from DNS point of view.
>>>
>>>
>>>

>> To elaborate on my thoughts here:
>>
>> The thing is that we want DNS to answer with the needed FQDN. But
>> you are right, CNAME in itself will probably not achieve this... at
>> least not right away. Hence my question if you have tried to see what
>> it's effect would be.
>>
>> There is another option using DNS, and that's to use an URL record to
>> do a redirect.
>>
>> Both options are meant as means to point and unconfigured GroupWise
>> client to a PO at first contact.
>>
>> If you have the option to fix the PO the client needs to talk to, you
>> can pre-populate the "IP Address" key found under
>> "HKEY_CURRENT_USER\SOFTWARE\Novell\GroupWise\Login Parameters".
>> ! Preferably set that parameter only once so the GroupWise client can
>> manage the setting as needed.
>>
>> I will have the option to try this myself somewhere next week as I'm
>> curious to see the exact workings here myself 🙂
>>
>> Cheers,
>> Willem

>
> Good morning,
>
> we have created SR # 101054827541, no answer yet.
>
> I will inform if I learn anything new.
>
>
> Thank you for your helpful hands.
>
> ---
>
> -Jan


Good afternoon,

I have got a good news finally. SSO is working as we expected now. But
there is a need to create AD SCP (Service Connection Point) inside AD
directory. We had to create it manually.

The correct way of manual creation of AD SCP object was described in this
TID https://www.novell.com/support/kb/doc.php?id=7018797 too. It has been
release this week.

Shame there is no information inside documentation about this.

---

Regards,

-Jan

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.