bjohns33
asked on
Authentication failing after web domain change
Hi
We recently moved our website onto a different technology platform and server, and have subsequently pointed our domain name at the new server.
However, the Domino server that was providing the website is still serving our extranet. We have pointed DNS to extranet.ourdomain.com, and changed the full Qualified host name to the same, along with the Host Name(s) on the the HTTP tab.
People can still not authenticate. Previously, there was no problem going to www.ourdomain.com/extranet.
Anyone know of any other settings we need to change to resolve this.
Thanks in advance.
Ben
We recently moved our website onto a different technology platform and server, and have subsequently pointed our domain name at the new server.
However, the Domino server that was providing the website is still serving our extranet. We have pointed DNS to extranet.ourdomain.com, and changed the full Qualified host name to the same, along with the Host Name(s) on the the HTTP tab.
People can still not authenticate. Previously, there was no problem going to www.ourdomain.com/extranet.
Anyone know of any other settings we need to change to resolve this.
Thanks in advance.
Ben
ASKER
Hi Andrew.
Sorry, I don't think I was clear enough. The extranet is still sitting on the old server (the new website is .net based and unconnected to the exising server), so nothing has changed.
They are being prompted with the session authentication screen, but can never get past it. Have checked the web configs, and nothing there other than a non-domain specific URL redirection.
The only thing that has changed in any of the configuration is that people are now accessing the server with the address extranet.domain.com instead of www.domain.com, and the two host name fields on the server doc to specify extranet.domain.com as the host.
Thanks again.
Ben
Sorry, I don't think I was clear enough. The extranet is still sitting on the old server (the new website is .net based and unconnected to the exising server), so nothing has changed.
They are being prompted with the session authentication screen, but can never get past it. Have checked the web configs, and nothing there other than a non-domain specific URL redirection.
The only thing that has changed in any of the configuration is that people are now accessing the server with the address extranet.domain.com instead of www.domain.com, and the two host name fields on the server doc to specify extranet.domain.com as the host.
Thanks again.
Ben
This seams to be two or more errors coincidence.
To get a bit closer to what has happened I recommend this:
1.) Asking the user to access first this: http://extranet.domain.com/names.nsf
2.) If upper access is ok, then create a new Page in your server's names.nsf. Give this page a name like: myNames
On the page create two computed text fields. One should show @UserName and the other @UserNamesList
Compare the results to your ACL, especially the content of some extranet.dir if you use directory redirection.
Good luck,
Zvonko
Oh, and there are three places for internet host name in server document:
Basics\Fully qualified Internet host name
InternetProtocols\HTTP\Bas
ServerTasks\InternetCluste
The last one is mostly empty, but can bring confusion especially in search results.
To get a bit closer to what has happened I recommend this:
1.) Asking the user to access first this: http://extranet.domain.com/names.nsf
2.) If upper access is ok, then create a new Page in your server's names.nsf. Give this page a name like: myNames
On the page create two computed text fields. One should show @UserName and the other @UserNamesList
Compare the results to your ACL, especially the content of some extranet.dir if you use directory redirection.
Good luck,
Zvonko
Oh, and there are three places for internet host name in server document:
Basics\Fully qualified Internet host name
InternetProtocols\HTTP\Bas
ServerTasks\InternetCluste
The last one is mostly empty, but can bring confusion especially in search results.
yes. I think this is a coincidental ACL access issue, not an issue related to the domain or host name change.
ASKER
Hi both, thanks so far!
Directory redirection isn't in place, so one less thing to worry about. ICM host name is also blank.
With my notes id, accessing the NAB I have manager access. I've reconfirmed my http password, and still can't even log into the NAB.
If it's any further clue, during the DNS change propogation, accessing the extranet through the www. prefix worked until the cutover, so it does seem to be tied into the change over to the extranet. prefix.
Very confused!
Thanks
Ben
Directory redirection isn't in place, so one less thing to worry about. ICM host name is also blank.
With my notes id, accessing the NAB I have manager access. I've reconfirmed my http password, and still can't even log into the NAB.
If it's any further clue, during the DNS change propogation, accessing the extranet through the www. prefix worked until the cutover, so it does seem to be tied into the change over to the extranet. prefix.
Very confused!
Thanks
Ben
ASKER
The problem was eventually identified as a legacy SSO document that contained the domain name - this was used when we had Quickplace running, but was not removed when Quickplace was decommissioned.
Thanks
Ben
Thanks
Ben
DOH! You got us, Ben. We'll all file that one away for next time. It honestly never occurred to me.
Post a points refund request in this topic area:
https://www.experts-exchange.com/Community_Support/
Put the link to this question in that zero points request.
Regards,
Zvonko
https://www.experts-exchange.com/Community_Support/
Put the link to this question in that zero points request.
Regards,
Zvonko
yeah, this is the first one that really deserves it.
ASKER
Thanks both - wasn't deliberately trying to stump you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It could be that passwords were not moved in the new configuration.
It could be that the new platform (is it unix based?) is case senstive on file names for databases where the old platform was not.
It could be that you have a security configuration document that specifies the old server name (look in the web configurations view in your nab).
Can you be more specific about the error you get?