I work in a web based application in Lotus Notes. Suddenly, the login page is skipped and it is directly going to functionality. What may be the reason? Is it a settings issue?
Two possible reasons:
You have granted the "Anonymous" user access to the application.
Verify the ACL of the database.
You have some sort of SSO solution in
your company that logs you in automatically. (LTPA token on the IBM
WebSphere plugin for IIS, for example).
I assume you are testing your application on an actual Domino server, and are not using the "preview" function of Domino Designer.
Related
New on Dynamics CRM 2013, Unified Service Desk, aka USD, is a composite application framework for the development of call center and, of course, service desk, applications.
The application has it's own login form. While very flexible for development scenarios, it's not what I'd expect to have on a production environment - for instance, it asks for the address of the CRM instance that you are going to connect to.
So far, I haven't found any way to change this login form.
The login form is of the Unified Service Desk client application, and cannot be changed. Moreover, Unified Service Desk requires an instance of Microsoft Dynamics CRM, so the login form will always prompt you to specify the connection information to a CRM instance where you have deployed the core USD solutions (DynamicsBase and UII). The things that you can customize in the agent desktop are the features and layouts within the application.
You can however configure the sign-in experience to pre-populate values in the sign-in dialog box. For more information, see the Configure sign-in information section in the Connect to CRM instance using the Unified Service Desk client topic.
Unified Service Desk uses the XRM tooling common login control to define the login form. If you are building your "own" Windows client application for CRM, you can use the XRM tooling common login control, which provides The code for CRM authentication, credential storage and retrieval, and diagnostic logging so that you can quickly leverage these capabilities in your Windows client applications for CRM. More information about this: Use the XRM tooling common login control in your client applications.
Thanks,
Vivek
There was a login control provided in XRM.Tooling.connector namespace. This might be a start point to give it a thought..
Please refer to ..https://msdn.microsoft.com/en-gb/library/dn689071.aspx
You can default the configuration information for the connection experience in USD. The documentation on how to do that is in the Microsoft.Xrm.Tooling.Connector SDK Doc's. Effectively you need to add the default settings to the UnifiedServiceDesk.exe.config before you provide the client to your users. that will preload the dialog with connection information, and in the case of OnPremise / AD it can attempt an autologin and never show this dialog.
Also,
Regarding the comment above about storing passwords for login. USD does do this. it uses the Windows Credential vault to store the Password data and other encrypted stores to store other aspects of its configuration. The Windows Credential vault can be managed by Windows Admin's and flushed if necessary.
You can also tell USD to not store passwords with a setting in the UnifiedServiceDesk.exe.config file. The byproduct of which is that the user is required to key their password each and every time the shell connects to CRM.
I have a Sharepoint 2010 application with mysites, therefore I use User profile sync service.
I changed the authentication method from windows to claims based ( choosing forms), and made necessary updates on web.config and run the commands on powershall, so I am using LDAP.
My application works with forms based authentication now, no issues, but I can not authanticate to mysites as my user name format has changed from domain/username to
One option is to somehow map new ldap formatted user and windows ad users (do not know how??), or I need to create a new connection on the user profile sync service to connect to ad with forms authantication and import users with new format too (failed to do so, any idea what needs to be configured on domain controllers to do that? ). Although, this will cause that users would get 2 different mysites if they login with windows or forms based auth.
Any idea is appreciated.
Thanks.
You need to use Move-SPUser command to make that work. For more info check the MSDN Documentation.
I need to use the .Net token (or FedAuth cookie) to get in Domino credential from Active directory
The same need is describe in:
Lotus Notes and c# SSO.
Internet users are loged in a Share Point application and have to open a form in Domino.
My Domino Server is configured Assistant Directory, the users are managed in Active Directory and not in names.nsf. This works good. I can make a POST to log automatically a user of the AD.
But Share Point don't have the user password! Ideally it would be cool to POST the cookie... or run an agent that will inquire in back end the Active directory with the cookie to verify it. Is there a way to do this?
My Domino is 8.53 so I can't use SAML (if someone did this with Domino 9.0 I will be pleased to know :-).
There is a SSO using SPNEGO which can be setup on windows-based Domino servers.
More information about it can be found in the Domino Administration help (steps are very well documentd) and here:
Wiki: Deploying Windows single sign-on for Web clients (SPNEGO) in an existing Domino environment
Basically the steps to enable this are (details in notes admin help and the linked document):
Set an SPN on your windows server (to allow this server to pass Kerberos tickets to the AD)
Enable SSO on the Internet Site / Server doc
In the SSO Configuration: add all servers you will need SSO and enable windows-based SSO
Add a name mapping to your Person docs (Kerberos Principal Name Field) and set notes.ini entry WIDE_SEARCH_FOR_KERBEROS_NAMES=1 on your domino server to include this field in the namelookup
Configure browser: IE: trusted sites (add your host names), Firefox: add domino host to network.negotiate-auth.trusted-uris
Hope that helps - Michael
You could generate your own Domino Ltpa token (cookie) from sharepoint upon login. So long as the domains are set up ok, the browser should pass this to the Domino server and automatically log them in.
Feel free to contact me directly if you need specific help.
I have an WinJS metro application that I'm using to connect to a remote webservice that same domain. I read up on the app manifest capability (well the little that is present online) and was hoping that I would be able to use the logged in users credentials to access this webservice without requiring them to login.
I'm trying to authenticate to the webservice via a post using a contentType: "application/x-www-form-urlencoded;charset='utf-8'". This application was previously a website that would prompt the user for login credentials in the authentication step using the aforementioned post. In the WinJS metro application I'm effectively using the same code (minor tweaks) to achieve the same result.
Has anyone had experience with Enterprise Authentication in a WinJS metro application and could better explain what types of resources I would/wouldn't have access to. I'm hoping this isn't specific to accessing things like file shares and intranet sites.
I had this exact issue as well. After ensuring the following Capabilities were enabled in the package.appxmanifest:
Enterprise Authentication
Internet (Client)
Private Networks (Client & Server)
I had to still add the URL of our web service to Internet Explorer's list of Intranet Sites. Only then did the prompt go away.
I'm trying to access an e-mail by lotus connections through a link to the iNotes, but when I click on the link is redirected to the login page of iNotes and does not take the same authentication at the lotus connections. How do I prevent this? There is also a solution if, instead I use iNotes, I use an XPages application that requires authentication?
This is a server administration issue.
You will need to make sure that you have Single SignOn setup across both the Domino server and the IBM Connections server. Once the LTPA keys have been exported from IBM Connections and then imported into Domino and both server are in the same domain then authentication is automatic.
When the user is logged into Connections and clicks a link that brings them to the Domino server the LTPA SSO will kick in and automatically authenticate them and vice-versa.
In addition to what Declan writes he is some information if you want to use SSO between server side XPages code and IBM Connections: http://www.openntf.org/blogs/openntf.nsf/d6plinks/NHEF-8TY9EV