[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 724
  • Last Modified:

Using Multiple DNS Aliases in Web SSO Configuration

I have two Domino 6.5.4 servers running Single Sign-on for web access.  Both servers are accesible by multiple DNS entries.  However, I can only get SSO to work on one of the two aliases.

For example

server1.mycompany.com
server2.mycompany.com

Those work fine. But if you enter

server1.my-company.com
server2.my.company.com

You get the login page but it will not accept your username and password.

In my website document I have
Host names or addresses mapped to this site:       server1.mycompany.com
                                                                      server1.my-company.com
Domino servers that host this site:      *

they are seperated by carriage return

Any thoughts on how to make both aliases work?

0
DanRaposo
Asked:
DanRaposo
  • 8
  • 5
  • 4
  • +1
1 Solution
 
Sjef BosmanGroupware ConsultantCommented:
Just a suggestion: multiple website documents??

Did you set up logging, either in the domlog.nsf or in separate files? Check those, they might contain helpful information.
0
 
Sjef BosmanGroupware ConsultantCommented:
And of course the standard log database, it will contain an Authentication failure.
0
 
DanRaposoAuthor Commented:
Addidng a second website document for the alias file allows login but not via the SSO login page.  It brings the original dialog box up.

No errors are occuring in this state so the domlog.nsf file has nothing of use in it.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
DanRaposoAuthor Commented:
In the WebSSO Configuartion document there is a filed for DNS .. it currently looks like this

DNS Domain:      .mycompany.com

I tried adding a second document with

DNS Domain:      .my-company.com  but that did not work either.
0
 
DanRaposoAuthor Commented:
I alos found this in the log.nsf file

06/06/2006 10:41:13 AM  HTTP Web Server: Function Not Implemented Exception [/names.nsf?Login]
0
 
Sjef BosmanGroupware ConsultantCommented:
That error seems vaguely familiar to me, but I can't remember where and when I saw it... So sorry.

Let's wait for real experts. :-S
0
 
DanRaposoAuthor Commented:
Hi,

Any other experts have any experience with this?   I guess the easy answer is that I could just redirect all requests to my-company.com to mycompany.com, but I like to try and understand why it works (or doesn't)

Thanks

Dan
0
 
DanRaposoAuthor Commented:
I tried setting up  a redirect rule and it doesn't seem to work.  I can redirect all incoming http requests to https  , but I cannot redirect my-company.com to mycompany.com

Any thoughts on this?
0
 
marilyngCommented:
Did you try using the fully qualified server name: server.my-company.com, and server.mycompany.com in each of the internet sites documents?
0
 
marilyngCommented:
0
 
DanRaposoAuthor Commented:
Hi,

I did use that document and was unable to get the my-company.com domain to work.  Basically what I get is the SSO login screen, but it will not accept the password, it just returns to the login screen.
0
 
marilyngCommented:
WEll, very odd.  It should work, but doesn't.  I'm afraid I don't have any other ideas.  :(
0
 
DanRaposoAuthor Commented:
I tried cahnging it to a substitution document and I get the same results.  Can anyone tell me if my sytax is wrong?  I tried a couple different ways but here is the latest

incoming url patter:  http://server.my-company.com
replacement pattern: http://server.my.company.com

I also tried this as a redirection url and the same result.
0
 
Sjef BosmanGroupware ConsultantCommented:
You can click on (and hold) the words in the first column, to see what's expected. Redirection using Domino has never been one of my favourites...
0
 
DanRaposoAuthor Commented:
I found out why I am having such a problem ...   First of all  The proper syntax is

Incoming URL pattern:      /*/
Redirect to this URL:      https://server.mycompany.com/*

This will redirect anything that found it's way there to the proper url.    

HOWEVER ... We also have SSO enabled (obviously) and in the Internet site document under the security tab is a Field to Redirect TCP to SSL ... This is enabled an apaprently conflicts with the redirection.   If I disable it, then I cannot get to the SSO login page !!!!   UUUHHHGGGG!!!!  

Even If I redirect to http instead of https, I cannot get the page to open ...

I'm still working on it and if anyone has any thoughts PLEASE CHIME IN!!!!

0
 
marilyngCommented:
I am so sorry, Dan.  I just don't have any way to test the SSO and multiple server stuff. :(

But good that you got redirect to work!
0
 
Sjef BosmanGroupware ConsultantCommented:
No refund??
0
 
DarthModCommented:
PAQed with points refunded (500)

DarthMod
Community Support Moderator
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 8
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now