[THIN] Re: CAG and domain account expiry
- From: "Steve Greenberg" <steveg@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 5 Jun 2007 16:22:52 -0700
That would very likely work as WI would then be in "standard" mode. The only
downside is that you lose the security layer of the CAG, anyone will be able
to hit that WI page from the Internet...
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net
steveg@xxxxxxxxxxxxxx
_____
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Carl Stalhood
Sent: Tuesday, June 05, 2007 4:02 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CAG and domain account expiry
I wonder if you can turn off Portal Page Authentication and then redirect
the Default group to WI. That way the WI authentication page is displayed
instead of CAG's authentication page.
From: Carl Stalhood [mailto:cstalhood@xxxxxxxxxxxxx]
Sent: Tuesday, June 05, 2007 6:01 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: RE: [THIN] Re: CAG and domain account expiry
CAG presents the initial authentication screen. Once CAG authenticates the
user the credentials are then forwarded to WI. WI only enters the picture
after the user is authenticated by CAG.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Steve Greenberg
Sent: Tuesday, June 05, 2007 5:54 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CAG and domain account expiry
But web interface supports password changing so it appears that while CAG
might not react to a password about to expire that WI should pick it up and
prompt. All of the settings imply that WI can do this because you can set it
to do so.
Chad- if you disable pass through credentials between CAG and WI, does it
then work?? A quick way is to revert to the old version of login.cs ...
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net
steveg@xxxxxxxxxxxxxx
_____
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Carl Stalhood
Sent: Tuesday, June 05, 2007 3:41 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CAG and domain account expiry
CAG Standard does not support password expiration. CAG Advanced and CAG
Enterprise do support password expiration.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Schneider, Chad M
Sent: Tuesday, June 05, 2007 10:29 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CAG and domain account expiry
We are using the CAG for external contractors and employees to connect.
They sign onto the CAG and it passes them through to the Web Interface,
automatically signing them in.
The problem we have found, is that upon domain account expiration, they are
not prompted regarding the account expiration, so they do not change their
password. Once expiration is complete, they can no longer connect.
I have the Web Interface set to allow password change upon expiration, but
with the pass through, this appears not to work.
Thoughts?
Chad Schneider
Technology Analyst/Citrix Admin.
Bemis Company, Inc.
920-303-7609
Other related posts:
