+ Post New Thread
Results 1 to 5 of 5
Home Access Plus+ Thread, SSO Trouble in Projects:; Hi, I am trying to setup SSO and I have followed the video tutorial : https://hap.codeplex.com/wikipage?ti...ngTitle=Videos I have never worked ...
  1. #1
    ataylor's Avatar
    Join Date
    Apr 2013
    Location
    Lincolnshire
    Posts
    65
    Thank Post
    8
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    SSO Trouble

    Hi,

    I am trying to setup SSO and I have followed the video tutorial : https://hap.codeplex.com/wikipage?ti...ngTitle=Videos

    I have never worked with Kerberos or NTLM before so I have probably made a really simple mistake somewhere as I cannot get it working at all!

    When I go to the HAP page it does not auto log in.

    Any help will be appreciated.


    Code:
    <AD username="HAP" password="Password" upn="banovallum.local" studentsgroup="Pupils" internalip="10.46.16.5/20" usenestedlookups="True" secureldap="False" maxlogonattempts="4" maxrecursions="10" allow1usecodes="False">

    10.46.16.5 is a domain controller and we are working on the 255.255.240.0 subnet (Which is /20 if im correct).

    In the application host file I have entered the following details :

    Code:
        <location path="Default Web Site/hap">
            <system.webServer>
                <security>
                    <authentication>
                        <anonymousAuthentication userName="" />
                        <windowsAuthentication enabled="false" useKernelMode="true">
                            <extendedProtection tokenChecking="Allow" />
                            <providers>
                                <clear />
                                <add value="Negotiate" />
                                <add value="NTLM" />
                            </providers>
                        </windowsAuthentication>
                    </authentication>
                </security>
            </system.webServer>
        </location>
        <location path="Default Web Site/hap/kerberos.aspx">
            <system.webServer>
                <security>
                    <authentication>
                        <anonymousAuthentication enabled="false" />
                        <windowsAuthentication enabled="true">
                            <providers>
                                <clear />
                                <add value="Negotiate" />
                                <add value="NTLM" />
                            </providers>
                        </windowsAuthentication>
                    </authentication>
                </security>
            </system.webServer>
        </location>
    Last edited by ataylor; 15th May 2014 at 02:53 PM.

  2. #2

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,643
    Thank Post
    43
    Thanked 547 Times in 458 Posts
    Rep Power
    121
    O, sorry, this was changed in the v10 release by paul

    Just below the OU's add this
    HTML Code:
     <InternalIPs>
          <InternalIP ip="10.46.16.0/20" />
        </InternalIPs>
      </AD>
    Also make sure you have reverse DNS

  3. #3

    Join Date
    Apr 2012
    Posts
    50
    Thank Post
    0
    Thanked 6 Times in 5 Posts
    Rep Power
    7
    /me hides

    as an additional point, the new functionality allows multiple masks to be set for the internal IP range i.e.

    Code:
    <InternalIPs>
          <InternalIP ip="10.46.16.0/20" />
          <InternalIP ip="11.23.16.0/20" />
    </InternalIPs>
    This should make the functionality easier to use if the internal clients come from multiple IP ranges e.g. different VLAN's

  4. #4
    ataylor's Avatar
    Join Date
    Apr 2013
    Location
    Lincolnshire
    Posts
    65
    Thank Post
    8
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Awesome, Thanks guys.

    It seems to be working now!

    Very much appreciated!

  5. #5
    ataylor's Avatar
    Join Date
    Apr 2013
    Location
    Lincolnshire
    Posts
    65
    Thank Post
    8
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Ugh, it seems to be only working for admins =/

    Not sure what I've done wrong.

SHARE:
+ Post New Thread

Similar Threads

  1. Trouble with google?
    By bishopsgarthstockton in forum General Chat
    Replies: 9
    Last Post: 25th May 2007, 02:03 PM
  2. Acer Ferrari F-19 - DVI Troubles
    By Zoom7000 in forum Hardware
    Replies: 1
    Last Post: 21st February 2007, 09:23 AM
  3. DC Troubles, Issues, Demoting etc
    By steelrazor in forum Wireless Networks
    Replies: 3
    Last Post: 11th October 2006, 11:17 AM
  4. RIS Image trouble
    By ChrisH in forum Windows
    Replies: 5
    Last Post: 2nd December 2005, 04:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •