We authenticate users into SGD using UNIX/LDAP based authentication. While users logging onto WTS's for launching windows based applications are authenticated on Windows domain using ADS. This is where we need the tarantella cache solution as described in my previous mail. We cannot change the authentication mechanism for windows, it has to be ADS. Mohammed
________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremy Stagg Sent: Tuesday, December 02, 2008 5:37 AM To: Sun Secure Global Desktop Users mailing list Subject: RE: [SGD-Users] tarantella password cache Mohammed What authentication into SGD is in use ? Jeremy >>> On 2/12/2008 at 8:09 am, in message <[EMAIL PROTECTED]>, "Ali Mohammed-MALI1" <[EMAIL PROTECTED]> wrote: Jeremy, We have most of the SSO functionality implemented and don't need a new solution. The behavior that i described below works for UNIX applications. It just doesnt work for Windows app. Any ideas to workaround this problem would be appreciated. Thanks, Mohammed ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremy Stagg Sent: Thursday, November 27, 2008 3:44 PM To: sgd-users@filibeto.org Subject: Re: [SGD-Users] tarantella password cache Mohammed Your request appears to be a different angle with respect to the identity management of the user, and the ability of SGD to act as an Identity Manager application. You require one of Sun's Identity Manager solution(s), which I'd recommend to start with OpenSSO Enterprise: http://www.sun.com/software/products/opensso_enterprise/index.xml Keep in mind, SGD is not an identity solution. Regards Jeremy. >>> On 24/11/2008 at 2:53 pm, in message <[EMAIL PROTECTED]>, "Ali Mohammed-MALI1" <[EMAIL PROTECTED]> wrote: We are experiencing a problem with tarantella password caching. We have cache for each tarantella user to logon to WTS. So this way when user launches a windows app from WTS, the passcache is used to logon the user to WTS. However, the problem is when user changes his WTS password (for any reason - the user may like to change the password of his own free will, or may be told to do so because the password has expired), this password change is not propagated to Tarantella cache, so tarantella continues to pass on the old password to WTS upon future invocations of WTS-related applications. We were expecting that upon password problem(login failure), tarantella would prompt user for new password and update its cache. However, apparently this does not work for Windows apps, due to limitation in the mstsc client(RDP). The temporary workaround we found is as follows- if the user holds the Shift key while he launches an application from the WebTop, Tarantella will offer him to update the cached password. However, we are hoping for some mechanism which allows the user to update the Tarantella cache immediately after changing the password at WTS. So in other words user should be prompted to update cache upon login failure to use the previously cached password. We tried changing some settings in array manger under application launch to "prompt user upon login failure", however this did not work. Any help would be greatly appreciated Thanks, Mohammed Ali Network Help Pty Ltd Phone: +61-3-9459-2122 Facsimile: +61-3-9459-5322 Website: http://www.networkhelp.com.au Disclaimer : This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Contact Network Help on +61-3-9459-2122 for further details. Network Help Pty Ltd Phone: +61-3-9459-2122 Facsimile: +61-3-9459-5322 Website: http://www.networkhelp.com.au Disclaimer : This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Contact Network Help on +61-3-9459-2122 for further details.
_______________________________________________ SGD-Users mailing list SGD-Users@filibeto.org http://www.filibeto.org/mailman/listinfo/sgd-users