[THIN] Re: Pass-through authentification for WI - can I do it without a SSO product?
- From: Greg Reese <gareese@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Thu, 5 Jan 2006 07:31:44 -1200
you're right, i didn't read the original email closely enough. Sorry about
that.
Greg
On 1/4/06, Andrew Wood <andrew.wood@xxxxxxxxxxxxxxxx> wrote:
>
> Thats not what was asked tho' - inh your example you're using the full
> client and the full client supports passthrough, because only the full
> client (and PN Agent) enables the integrated logon service.
>
> You can't do an integrated logon if all you have is the web client.
>
> ------------------------------
> *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Greg Reese
> *Sent:* 05 January 2006 02:02
> *To:* thin@xxxxxxxxxxxxx
> *Subject:* [THIN] Re: Pass-through authentification for WI - can I do it
> without a SSO product?
>
> sure. it is on pg 58 and 59 in the Wi admin guide. I messed with it
> using WI 4 and PS 4 with the v9 client but I think any client above 6 will
> do it.
>
> the keys are:
>
> Installing the full win32 client and choosing yes when it asks about using
> pass through.
>
> then you have to edit the appsrv.ini file for each client. in the
> [wfclient] section add:
> EnableSONThruICAFile=On
> SSOnUserSetting=On
>
> from there you enable in on the web interface site and you are done. I
> edit the config files myself but the gui will do it too.
>
> there are some other catches. If a user has not authenticated into your
> domain and tries to hit the web interface (like a home user) they don't get
> promoted for credentials and can't get in. I suggest making a second Wi
> site for these people and link to it from the logged off page so if users
> have trouble with pass through, they can still manually enter their
> credentials. I have some kix scripts that can tweak the appsrv.ini file
> and fix the client if you did not pick yes to the pass through question when
> it was installed. I don't have them where I am at the moment or else I
> would go ahead and post them.
>
> Greg
>
> On 1/4/06, Guzzo, Mark A (Mark) <guzzo@xxxxxxxxxx> wrote:
> >
> > Hello Greg,
> > Can you be so kind as to share that info with the list as I too would
> > like to do this.
> >
> >
> > Thanks...
> >
> > M a r k G u z z o
> > Utility Infrastructure Services
> > Citrix Administrator
> > Lucent Technologies
> > 2601 Lucent Ln, Lisle, IL 60532-3640
> > RM:52N15
> > W/F:630.979.9731
> >
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx [mailto: thin-bounce@xxxxxxxxxxxxx] On
> > Behalf Of Greg Reese
> > Sent: Wednesday, January 04, 2006 3:31 PM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Pass-through authentification for WI - can I do it
> > without a SSO product?
> >
> > this can be done.
> >
> > You have to tweak a couple settings on the client but it's simple
> > enough.
> >
> > I have some notes on it I will send you.
> >
> > Greg
> >
> >
> > On 1/4/06, Jen hen < jen.work@xxxxxxxxx> wrote:
> >
> > Is there any way to set up the web client (ver 9.0) to do
> > complete pass-though on the web interface (ver 4.0)??
> >
> > I know we can do it with the PN or PNA, but we would rather use
> > the web interface. We don't want to use an SSO product if we don't have to.
> >
> > Page 48 (caution section) of the WI admin guide talks about some
> > cookie setting from web to client device that enables pass-through. Of
> > course they don't go into detail - any ideas?? Is this an
> > appsrv.inisetting??
> >
> > TIA!
> >
> > Jennifer Henske
> > Mercy Health System
> >
> >
> > ************************************************
> > For Archives, RSS, to Unsubscribe, Subscribe or
> > set Digest or Vacation mode use the below link:
> > //www.freelists.org/list/thin
> > ************************************************
> >
>
>
Other related posts:
