Well Patrick...I actually wrote and compiled the DLL successfully. And when I hardcode the username and password, I click on the user tool and it successfully logs in. I can get the user name using an NT Api call, but the password is not possible. What support told me is that I have to use a hardcoded password ( or a password which is calculated from the user name for example), and find out the password inside the DLL. I still don't think that 100% SSO is implemented yet.
On 12/13/06, patrick zandi <[EMAIL PROTECTED]> wrote:
** Oh and don't ask me for help with the .dll file.. Cause I need help too.. I cannot get seem to get support help on it.. or even help compiling it.. so Unless someone else does it.. I am stuck too.. But I have been told -- some big names with remedy have this working.. not sure who ? Maybe one of you ? On 12/13/06, patrick zandi <[EMAIL PROTECTED]> wrote: > > ""However, after trying out the codes, it seems what BMC are proposing > is just an intercept to the Login i.e. When you login a dll will run to > pick up the username\password and pass it to Remedy. This means that in the > intercept we will be able to capture the username, but no password. The > password has to be somehow be "calculated" in Remedy as well as in the > intercept DLL, which is sort of hard coding the passwords. > > As far as security goes, I understand why the windows password is > tightly guarded, but I am wondering how do other application using windows > SSO and why can't Remedy do that? "" > it is a MultiStep process to hook this up.. Work through support.. > Windows AR SERVER and Windows Mid-Tier ONLY.. > ( I would love to hear otherwise.. but have not yet) > > Actually the way it happens is First LDAP is running and you can login > with your userid and password to the LDAP to AD and it checks that.. > Then you are to hook up the SSO portion to the server.. and test that > .. -- which does not use a password -- Thru mid-tier only. > Then you are to hook up the AREA-HUB to the server and make sure that > both LDAP and SSO are working together.. > Then you can CREATE a .dll -- Which is not supplied by remedy .. that > just replaces the SSO Code from the mid-tier with the SSO Code in the > UserTool.. and IF this .dll is Present.. then it will log you on > accordingly.. > -- Access can be controlled in many different ways.. Either you have an > USER account or Just one in AD. > IF your AD is setup with a Remedy Group for Write licenses, then you > configure appropriately. > IF your AD does not have this - Then you could use a Default.. or > UserForm.. it si a Tri-Configuration. > > > Hope this helps you some.. but there is no embedded anything .. it just > does it.. Remember this is a onion approach. Each layer has a specific job > to do.. if one layer is not configured properly it will not work. > > > On 12/13/06, Emad Zaky <[EMAIL PROTECTED] > wrote: > > > > ** Hi Listers, > > > > I read BMC white paper titiled, "Integrating BMC Remedy ARS with SSO > > Authentication Systems and Other Client-Side Login Intercept Technologies", > > where it talks about how to implement SSO. SSO as I understand it means that > > the application will login using the user's windows credentials once the > > user clicks on it. > > > > However, after trying out the codes, it seems what BMC are proposing > > is just an intercept to the Login i.e. When you login a dll will run > > to pick up the username\password and pass it to Remedy. This means that in > > the intercept we will be able to capture the username, but no password. The > > password has to be somehow be "calculated" in Remedy as well as in the > > intercept DLL, which is sort of hard coding the passwords. > > > > As far as security goes, I understand why the windows password is > > tightly guarded, but I am wondering how do other application using windows > > SSO and why can't Remedy do that? > > > > Regards, > > Emad > > __20060125_______________________This posting was submitted with HTML > > in it___ > > > > > -- > Patrick Zandi -- Patrick Zandi __20060125_______________________This posting was submitted with HTML in it___
_______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
