Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

Authentication failing after web domain change

Hi

We recently moved our website onto a different technology platform and server, and have subsequently pointed our domain name at the new server.

However, the Domino server that was providing the website is still serving our extranet.  We have pointed DNS to extranet.ourdomain.com, and changed the full Qualified host name to the same, along with the Host Name(s) on the the HTTP tab.

People can still not authenticate.  Previously, there was no problem going to www.ourdomain.com/extranet.

Anyone know of any other settings we need to change to resolve this.

Thanks in advance.
Ben
0
bjohns33
Asked:
bjohns33
  • 4
  • 4
  • 2
  • +1
1 Solution
 
AndrewJayPollackCommented:
they can't authenticate?  If its responding to them at all, (like asking for a password) then its not a dns or hostname binding issue.

It could be that passwords were not moved in the new configuration.

It could be that the new platform (is it unix based?) is case senstive on file names for databases where the old platform was not.

It could be that you have a security configuration document that specifies the old server name (look in the web configurations view in your nab).

Can you be more specific about the error you get?
0
 
bjohns33Author Commented:
Hi Andrew.

Sorry, I don't think I was clear enough.  The extranet is still sitting on the old server (the new website is .net based and unconnected to the exising server), so nothing has changed.

They are being prompted with the session authentication screen, but can never get past it.  Have checked the web configs, and nothing there other than a non-domain specific URL redirection.

The only thing that has changed in any of the configuration is that people are now accessing the server with the address extranet.domain.com instead of www.domain.com, and the two host name fields on the server doc to specify extranet.domain.com as the host.

Thanks again.
Ben
0
 
ZvonkoSystems architectCommented:
This seams to be two or more errors coincidence.

To get a bit closer to what has happened I recommend this:
1.) Asking the user to access first this: http://extranet.domain.com/names.nsf
2.) If upper access is ok, then create a new Page in your server's names.nsf. Give this page a name like: myNames
On the page create two computed text fields. One should show @UserName and the other @UserNamesList

Compare the results to your ACL, especially the content of some extranet.dir if you use directory redirection.


Good luck,
Zvonko

Oh, and there are three places for internet host name in server document:
Basics\Fully qualified Internet host name
InternetProtocols\HTTP\Basic\Host name(s)
ServerTasks\InternetClusterManager\ICM hostname


The last one is mostly empty, but can bring confusion especially in search results.

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
AndrewJayPollackCommented:
yes.   I think this is a  coincidental ACL access issue, not an issue related to the domain or host name change.
0
 
bjohns33Author Commented:
Hi both, thanks so far!

Directory redirection isn't in place, so one less thing to worry about.  ICM host name is also blank.

With my notes id, accessing the NAB I have manager access.  I've reconfirmed my http password, and still can't even log into the NAB.

If it's any further clue, during the DNS change propogation, accessing the extranet through the www. prefix worked until the cutover, so it does seem to be tied into the change over to the extranet. prefix.

Very confused!

Thanks
Ben
0
 
bjohns33Author Commented:
The problem was eventually identified as a legacy SSO document that contained the domain name - this was used when we had Quickplace running, but was not removed when Quickplace was decommissioned.

Thanks
Ben
0
 
AndrewJayPollackCommented:
DOH!  You got us, Ben.   We'll all file that one away for next time.  It honestly never occurred to me.
0
 
ZvonkoSystems architectCommented:
Post a points refund request in this topic area:
http://www.experts-exchange.com/Community_Support/

Put the link to this question in that zero points request.

Regards,
Zvonko

0
 
AndrewJayPollackCommented:
yeah, this is the first one that really deserves it.
0
 
bjohns33Author Commented:
Thanks both - wasn't deliberately trying to stump you!
0
 
SpideyModCommented:
PAQ'd and all 200 points refunded

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now