[THIN] Re: Pass-through authentification for WI - can I do it without a SSO product?
- From: "Andrew Wood" <andrew.wood@xxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Thu, 5 Jan 2006 09:47:00 -0000
Thats not what was asked tho' - inh your example you're using the full
client and the full client supports passthrough, because only the full
client (and PN Agent) enables the integrated logon service.
You can't do an integrated logon if all you have is the web client.
_____
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Greg Reese
Sent: 05 January 2006 02:02
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Pass-through authentification for WI - can I do it
without a SSO product?
sure. it is on pg 58 and 59 in the Wi admin guide. I messed with it using
WI 4 and PS 4 with the v9 client but I think any client above 6 will do it.
the keys are:
Installing the full win32 client and choosing yes when it asks about using
pass through.
then you have to edit the appsrv.ini file for each client. in the
[wfclient] section add:
EnableSONThruICAFile=On
SSOnUserSetting=On
from there you enable in on the web interface site and you are done. I edit
the config files myself but the gui will do it too.
there are some other catches. If a user has not authenticated into your
domain and tries to hit the web interface (like a home user) they don't get
promoted for credentials and can't get in. I suggest making a second Wi
site for these people and link to it from the logged off page so if users
have trouble with pass through, they can still manually enter their
credentials. I have some kix scripts that can tweak the appsrv.ini file and
fix the client if you did not pick yes to the pass through question when it
was installed. I don't have them where I am at the moment or else I would
go ahead and post them.
Greg
On 1/4/06, Guzzo, Mark A (Mark) <guzzo@xxxxxxxxxx> wrote:
Hello Greg,
Can you be so kind as to share that info with the list as I too would like
to do this.
Thanks...
M a r k G u z z o
Utility Infrastructure Services
Citrix Administrator
Lucent Technologies
2601 Lucent Ln, Lisle, IL 60532-3640
RM:52N15
W/F:630.979.9731
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto: <mailto:thin-bounce@xxxxxxxxxxxxx>
thin-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Reese
Sent: Wednesday, January 04, 2006 3:31 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Pass-through authentification for WI - can I do it
without a SSO product?
this can be done.
You have to tweak a couple settings on the client but it's simple enough.
I have some notes on it I will send you.
Greg
On 1/4/06, Jen hen < jen.work@xxxxxxxxx <mailto:jen.work@xxxxxxxxx> > wrote:
Is there any way to set up the web client (ver 9.0) to do complete
pass-though on the web interface (ver 4.0)??
I know we can do it with the PN or PNA, but we would rather use the
web interface. We don't want to use an SSO product if we don't have to.
Page 48 (caution section) of the WI admin guide talks about some
cookie setting from web to client device that enables pass-through. Of
course they don't go into detail - any ideas?? Is this an appsrv.ini
setting??
TIA!
Jennifer Henske
Mercy Health System
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
