""However, after trying out the codes, it seems what BMC are proposing is just an intercept to the Login i.e. When you login a dll will run to pick up the username\password and pass it to Remedy. This means that in the intercept we will be able to capture the username, but no password. The password has to be somehow be "calculated" in Remedy as well as in the intercept DLL, which is sort of hard coding the passwords.
As far as security goes, I understand why the windows password is tightly guarded, but I am wondering how do other application using windows SSO and why can't Remedy do that? "" it is a MultiStep process to hook this up.. Work through support.. Windows AR SERVER and Windows Mid-Tier ONLY.. ( I would love to hear otherwise.. but have not yet) Actually the way it happens is First LDAP is running and you can login with your userid and password to the LDAP to AD and it checks that.. Then you are to hook up the SSO portion to the server.. and test that .. -- which does not use a password -- Thru mid-tier only. Then you are to hook up the AREA-HUB to the server and make sure that both LDAP and SSO are working together.. Then you can CREATE a .dll -- Which is not supplied by remedy .. that just replaces the SSO Code from the mid-tier with the SSO Code in the UserTool.. and IF this .dll is Present.. then it will log you on accordingly.. -- Access can be controlled in many different ways.. Either you have an USER account or Just one in AD. IF your AD is setup with a Remedy Group for Write licenses, then you configure appropriately. IF your AD does not have this - Then you could use a Default.. or UserForm.. it si a Tri-Configuration. Hope this helps you some.. but there is no embedded anything .. it just does it.. Remember this is a onion approach. Each layer has a specific job to do.. if one layer is not configured properly it will not work. On 12/13/06, Emad Zaky <[EMAIL PROTECTED]> wrote:
** Hi Listers, I read BMC white paper titiled, "Integrating BMC Remedy ARS with SSO Authentication Systems and Other Client-Side Login Intercept Technologies", where it talks about how to implement SSO. SSO as I understand it means that the application will login using the user's windows credentials once the user clicks on it. However, after trying out the codes, it seems what BMC are proposing is just an intercept to the Login i.e. When you login a dll will run to pick up the username\password and pass it to Remedy. This means that in the intercept we will be able to capture the username, but no password. The password has to be somehow be "calculated" in Remedy as well as in the intercept DLL, which is sort of hard coding the passwords. As far as security goes, I understand why the windows password is tightly guarded, but I am wondering how do other application using windows SSO and why can't Remedy do that? Regards, Emad __20060125_______________________This posting was submitted with HTML in it___
-- Patrick Zandi _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
