My team has taken over some applications that were developed around 10 years ago. We are mainly for sustainment; however, there is also some development going on, primarily for security issues. On our Cognos server, we were required to upgrade from 10.2 to 11. Our server administrator installed Cognos 11; however, our previously working Single Sign-On (SSO) stopped working. We submitted a ticket to our IT services who said that it was out of their hands and asked us to fix it. This was months ago and there has been no progress. Our IT dept. put a ticket in with IBM and they asked the following:
1. For 441 (Cognos SSO Errors) errors, have you added pass through error in the bottom of the gateway configuration document?
2. What have the 441 errors resolved to?
3. What pass through method are you using to send authentication from "another site"? Service provider shibboleth, openid connect, etc.?
Does anyone know where I can find the gateway configuration document and where the pass through errors would be?
Also, how can I tell what they resolve to? I monitored my network traffic from my browser when trying to login but only see the 441, I guess the "resolving happens on the server" but I'm not sure where to find it.
Does anyone know how I can find the service provider they mention in question 3?
Thanks in advance for any help.
To use IIS as a Cognos gateway for Single Sign On for IBM Cognos 11.0.4 and later, use this document from IBM
http://www.ibm.com/support/knowledgecenter/SSEP7J_11.0.0/com.ibm.swg.ba.cognos.inst_cr_winux.doc/t_gateway_iis.html#t_sso_actdirserver
Related
I have created an OData Service using .Net 6 / OData 8 and am trying to authenticate using Organisational Account in Excel. I can test the authentication sucesfully in Postman and also in my web App that uses the authenticated service.
However, if I try and create an OData Feed in Excel and authenticate using [Organisational Account], I get an error "We were unable to connect because this credential type isn't supported for this resource.".
Microsoft seems to indicate that it is not supported to connect to "arbitrary" services per the following link.
https://learn.microsoft.com/en-us/power-query/connectors/odatafeed#authenticating-to-arbitrary-services
However, this is a pretty big limitation and I'm interested to know if anyone has been able to solve this problem yet.
I won't go into the configuration of my web api, suffice it to say that I have tried every possible combination of builder.Services.AddAuthentication()..... that I can find and they all seem to have a similar issue - ie. I can use the WebApi for everything that I need it for - except Excel.
A quick Google search gets many, many hits (and I think that I have read them all - ..... twice), but try as I might I haven't yet found one that has an answer that works.
The following link showed some promise, which indicated it might be possible to change the audiencce, but I could not make it work.
https://www.c-sharpcorner.com/article/azure-odata-feed-web-api-authentication-setup-with-azure-ad/
I did find another promising link that I can't seem to find again that indicated we could add the Office 365 Client Id to the list of Authorised Client Applications under Expose an Api of the app registration in Azure AD B2C. I did that, with not success.
I'm really at my wits end on this and have been trying to get a solution on and off the last couple of weeks. Would really appreciate any help from others who might have tried and succeeded at this.
Confirming that I have now worked out how to do this and have posted the solution to the following SO thread. connecting-excel-to-oauth-api-on-azure
There are a number of steps to the solutions, so won't attempt to summarise them here.
Can anyone provide me the steps or the testing criteria which Microsoft App approval team is using?
I have tried 3 times to get my app approved from them but it is failing due to some design related issue. They have not reproted any functionality related or technical bugs though.
So can you please provide some type of guidelines other than the Official guideline provided by Microsoft?
I have already gone through the guidelines provided by Microsoft for the SharePoint Addin.
https://learn.microsoft.com/en-us/office/dev/store/validation-policies
Is there anything else I need to consider?
If I want how can I contact with Microsoft tester to get appropriate details of error or let them understand that they reported as a bug is actually not a bug?
At last I am able to get it approved you can visit that app here:
https://appsource.microsoft.com/en-us/product/office/WA104381785
I am not able to add the accounts I have tried several users and no luck. I get the same error. I am able to ping mail.google.com without any problems.
Images:
Google OAuth2 Authorization
Console
I don't know what is the cause of that.
I had the same kind of problem on a TS251+ .
Removing gmail backup, then resintalling it solved the problem without losing configuration.
However, a side (?) effect I have is the system can't retrieve the domain user list anymore.
It's surprising but the engine beneath is gyb 0.20 as we are now on gyb 1.0. 0.20 i smore than 2 years old!
I'm considering installing 1.0 by hand.
I understand this isn't a typically appropriate question for Stack Exchange but the Nest customer service has basically no information whatsoever on developer support, and the Works with Nest support contact form recommends using Stack Exchange tagged with nest-api. Anyway, I have created an application in the developer portal I need to submit for a user limit increase, and I have been unable to submit the form for the last 3 days. I receive a generic error that says:
We're sorry. Something went wrong. Please try again later. The backend responded with an error
As I said, I contacted every customer support outlet Nest offers and have yet to get any assistance. If anyone has encountered this error or has the proper avenue to reach out to Nest's developer support team, please let me know. Thank you in advance, again I apologize for the narrow scope of this question.
If anyone else runs into this issue, my final resolution was to re-create a second application on a different developer account, and then migrate my web service to use the new application's client secret, API tokens etc.. Albeit a huge hassle, the submission (using the exact same form data as before) worked on the new application.
I think that this is an usual question, but I'm reasking it cause I didn't got a real good question.
So, I have Liferay 6.1 CE running on Tomcat 7, and I want to import the users from an LDAP server and then make an SSO with CAS.
In my Portal, I have other application integrated (here also I have a problem with the integration of Alfresco) who need to be logged in also with the credantials from LDAP, this is why I need an SSO solution, like CAS.
How can I face this issue ? is there anyone who could help me fixing all this ?
Any information can help me, I have to accomplish all this in two weeks...I hope that everything that I'm asking are feasible.
Thanks & Regards
Liferay provide all necessary infrastructure to resolve your requirement. Look for CAS and LDAP at portal.properties https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/portal.properties and configure this in your portal-ext.properties Liferay: How to configure Liferay Portal
You have two tasks here, importing users from LDAP and authenticating users with CAS. You can configure both from the Control Panel (UI) or the portal-ext.properties file. If you configure using both methods and there's a property conflict, the Control Panel settings take precedence.
Importing users from LDAP isn't difficult (I've done it in both 5.2.3 and 6.1), although importing/not importing the password can be confusing. Try tackling this task first and make sure you're able to authenticate against LDAP. I'd recommend using an authentication chain (multiple means of authentication where if one method fails, a second method will be attempted, and so on). It would be useful to configure it this way in the event of an outage with CAS so you don't have a single point of failure. Note: If you use portal-ext.properties, be sure to read this post and add properties mentioned (even if you aren't going to use them):
ldap.user.custom.mappings.1=
ldap.contact.mappings.1=
ldap.contact.custom.mappings.1=
Regarding authentication against CAS, I've been using it for a couple years on Liferay 5.2.3, and in my experience it's worked very reliably.