eDirectory Authentication with SSO lost over the day

jgeier · #1 (**permalink**) 02-04-2010, 04:31 PM

Hello,

here i have a new problem for you.

In the morning i login to my computer with my NOVELL client switched on the SSO and i work a short time in the local network an internet and all is working fine.

Than i leave my computer alone for some hours. No screen saver, no sleeping mode or somthing like this.

So after some houres i come back working. My computer is in the same situation as i have left.

I work with the local network that is ok.

Than i try to brows to the internet and i am not authenticated.

The Authentication POP up is rising und i have to give my username and password. Than only _THIS_ session is authenticated. When i close the browse and open it again, it is the same way as before.

Has someone an idea how to solve this kind of problem?

BAlfson · #2 (**permalink**) 02-04-2010, 05:14 PM

Jens, please state your browser name and version. Also, version of Astaro.

I think the only browser certified to work with Astaro SSO is Internet Explorer (IE7 and I think with V7.50x, IE8); there are known issues with Chrome and Firefox.

Cheers- Bob

jgeier · #3 (**permalink**) 02-04-2010, 05:45 PM

Quote:

Originally Posted by BAlfson

Jens, please state your browser name and version. Also, version of Astaro.

I think the only browser certified to work with Astaro SSO is Internet Explorer (IE7 and I think with V7.50x, IE8); there are known issues with Chrome and Firefox.

Cheers- Bob

Hello Bob,

i use Firexof Version 3.6 and ASTARO ASG-425 V7.500.

If there are some known issues with Firefox, i will try this with IE8 Tomorrow again.

IE 8.0.6001.18702

jgeier · #4 (**permalink**) 02-09-2010, 11:16 AM

Quote:

Originally Posted by jgeier

Hello Bob,

i use Firexof Version 3.6 and ASTARO ASG-425 V7.500.

If there are some known issues with Firefox, i will try this with IE8 Tomorrow again.

IE 8.0.6001.18702

Hello,

it doesen't matter i use IE8 or Firefox.

Over the day _BOTH_ lost the authentication !!!!

dspender · #5 (**permalink**) 02-09-2010, 02:10 PM

You're not alone I have the same sort of issues all over my campus with 7.502 and edirectory-SSO.

My users have just gotten used to it (although they still complain occasionally). We just tell them to reboot (they love that

)

And I've given up on trying to isolate it because it just seems so random....

SveN · #6 (**permalink**) 02-09-2010, 07:26 PM

anything in the aua.log?

addrockk · #7 (**permalink**) 02-10-2010, 03:24 PM

Quote:

Originally Posted by jgeier

Hello,

here i have a new problem for you.

In the morning i login to my computer with my NOVELL client switched on the SSO and i work a short time in the local network an internet and all is working fine.

Than i leave my computer alone for some hours. No screen saver, no sleeping mode or somthing like this.

So after some houres i come back working. My computer is in the same situation as i have left.

I work with the local network that is ok.

Than i try to brows to the internet and i am not authenticated.

The Authentication POP up is rising und i have to give my username and password. Than only _THIS_ session is authenticated. When i close the browse and open it again, it is the same way as before.

Has someone an idea how to solve this kind of problem?

This seems like an eDirectory issue. The eDir SSO looks at the IP you're connecting to the proxy from and searches eDir for an object with that IP in the Network Address field. If you lose SSO with Astaro, check that field on your user object in eDir and see if its still populated. If it isn't, you're eDir server doesn't think you're logged in anymore.

jgeier · #8 (**permalink**) 02-15-2010, 12:43 PM

Quote:

Originally Posted by SveN

anything in the aua.log?

Hello Sven,

what is the aua.log?

where i can find it?

jgeier · #9 (**permalink**) 02-15-2010, 12:49 PM

Quote:

Originally Posted by addrockk

This seems like an eDirectory issue. The eDir SSO looks at the IP you're connecting to the proxy from and searches eDir for an object with that IP in the Network Address field. If you lose SSO with Astaro, check that field on your user object in eDir and see if its still populated. If it isn't, you're eDir server doesn't think you're logged in anymore.

Hello Addrockk,

do you know the exact field that is tested in the user object?

In ConsoleOne of an user Object i find in the tab General the menue Environment.

Here there should be the Network address.

But usualy this field is empty.

jgeier · #10 (**permalink**) 02-15-2010, 03:15 PM

I have an idea why this could may be happend.
I hope some one can agree to this.

In our company we have several NetWare Servers in some diffrent states.

there are
- 2 x NW6.5 SP7
- 1 x NW6.5 SP6
- 2 x OES 2 SP 2a

some times the sync between is not so good so we use DSREPAIR on all of the NW6.5 servers.

And it looks that after using DSREPAIR the entry of the IP Adress in the User Object is gon.

Also i find somthing interesting here. I use two computers to login to the Network with the same username.

So i find ofcause two diffrerent IP-Adresses in the user object but the writing is interesting.

For the first computer i found

IP: 10.0.90.46

and for the second i found

TCP: 10.0.90.50

Ofcause the adress should be different but not the protocol ....

Has some one an idea for this?