Kerberos SSO with 1 way Trust
I had configured a Kerberos SSO with 1way trust between two domain... But on logging in i am getting the following exception...[DEBUG] Thu Oct 25 02:56:04 PDT 2012 jcsi.kerberos: resetting...
View ArticleVSJ and JBoss 7.1
Our company has recently purchased the Standard edition of vsj and we have this running fine on WAS 8. I am trying to get this to run on JBoss 7.1 so we can run our application easily on our local...
View ArticleREMOTE_USER value
We are trying to integrate mod_auth_vas into Blackboard for user authentication.Blackboard is a J2EE based virtual learning environment. Actually, it's a mixture of Java and Perl.It running on Apache...
View ArticleWrong ticket encryption for W2K clients only causes VSJ to fail
Hi,I am facing the following problem.The Windows service account used for Vintela SSO is set up using "Use DES encryption for this account". The keytab is created with ktpass ... -crypto DES-CBC-MD5...
View ArticleVAS cache stopped updates - Solaris 10 running VAS Version 3.3.2.133
Dear UNIX-VAS colleagues,The password database of one of my VAS client machines is out of date. If I add a new user in A.D. thisnew account do not appear to this client machine (ypmatch <userid>...
View ArticleNTLM SMB issue - Could not get valid NTLM challenge from ........
I'm trying to debug an issue with NTLM failback, I have the filter configured correctly as per any other deployments.I'm able to authenticate users correctly using Kerberos, but I have noticed in the...
View ArticleQAS , NFS, KRB5, SSH
Going back to previous posts where our unix admin has exported the homedirs from our netapp filer with krb security, I have picked back up the lab image, and implemented src=krb5 in the fstab.Now, when...
View ArticleVAS GSSAPI Error 851968 (gss_init_sec_context)
We are getting the major error code 851968 (& minor code 0) while using the GSS API flavor of the VAS API's on Linux x64.Our Linux machine is has vas installed (including vasdev) and is joined to...
View ArticleSudo issue with NIS (QAS) groups in Ubuntu 12.04
Hi,We're running QAS 3.5.2.80 on the Ubuntu 12.04 beta and we're running into an issue with sudo. Our setup is a full NIS proxy setup where each host is its own proxy. Everything else works just fine,...
View ArticleHelp with AD server rename
My AD admins changed the names of all our AD servers (without telling me) and now SSO is broken on my web app. I verified that the username and password are still good. This is part of the error...
View ArticleSamba errors with Win2008 R2
Hi,Using RHEL 5.2 64-bit, VAS 3.3.2-142+Samba 3.0.33-3.7.el5; Win 2008 R2. Can you help me?# vastool statusVAS is currently joined to: localdom.comJoin command found in:...
View Articleadding VAS users to local group file in AIX
I just converted using VAS on our AIX. I noticed you can't add an VAS user to the /etc/group file using "smit group" because the user is no longer in the /etc/passwd file. Is there a way in AIX that...
View Articleorg.ietf.jgss.GSSException, Channel binding mismatch
I am getting this Exception when I am trying to do SPNEGO on IE8 over HTTPS. It works fine for CHROME of FIREFOX.com.wedgetail.idm.sso.ProtocolException:...
View ArticleSupport for apache httpd 2.4?
Do you know if mod_auth_vas will work with Apache httpd 2.4? Or if there is any intention to support this, and if so what time frame this version is likely to be supported in?Thanks,Paul
View ArticleQAS and FileVault on OS X
Is there a way to use FileVault on OS X Mountain Lion with QAS? I mean so that the AD user can be selected during boot for the FileVault authentication.Thanks,Nils
View ArticleNot seeing correct AD group membership using vastool
We have an AD group 'foo'. User Abe is added to it using AD tools. I cannot see this user in the group using vastool on Solaris. And of course the user cannot login. $ vastool list groups | grep...
View ArticlePutty 0.62 session menu with Windows 7
I've recently upgraded to Windows 7, and am enjoying the menu of open putty sessions displayed when I hover my mouse over the putty icon in my toolbar. HOWEVER, one aspect which bothers me is how the...
View ArticleUsing Cached Kerberos Ticket to Authenticate SMB Share
I am using Quest Authentication Services to integrate my Linux systems with our lab domain. I want to use the cached kerberos tickets to authenticate without providing a password when mounting an...
View ArticleIBM DB2 LDAP Plugin and Vintela DB2 Security Plugin
What is the difference between the DB2 LDAP Plug in provided by IBM and DB2 Security Plug in for LDAP from Vintela? Are they the same product? We just converted our IBM SP MPP server from NIS to VAS...
View ArticleGSSException when launching ejb fatclient example from VSJ-WebLogic-Edition
Hi,I downloaded the vsj-weblogic-3.2 (VSJ-WebLogic-Edition-3.2_Patch-3550). I get the exception below. I saw on a forum that the 3.3 version fix this problem. Is it so? Is the 3.3 version...
View Article