Mr.Ben Posted November 16, 2011 Posted November 16, 2011 (edited) Hi Edugeekers, Has anyone had any luck with configuring SSO for Live@Edu through the SWGfL? If so, what change request were need to complete this, at the moment I'm getting a cryptic SOAP error, telling me that the certificate is wrong and that it can't retrieve a Short Lived Ticker- having spoken to Microsoft we now know that its a firewall problem though. The errors are 0x80048101 The header in the soap request is invalid and 0.80044024 The client certificate is invalid. The calling site cannot be authenticated. Regards, Ben Edited November 16, 2011 by Mr.Ben
mwbutler Posted November 21, 2011 Posted November 21, 2011 Hi Ben Have you got any further with this? I've been off for the last few days but if I get a spare moment I'll try to ring SWGFL and get the issue resolved as I'm having similar issues too. Matt
Mr.Ben Posted November 21, 2011 Author Posted November 21, 2011 Hi Matt, The Live@Edu team are being very helpful - I've just sent back some netmon logs and they are promising to get back to me to tell me where this is not working. I've not got anywhere with the SWGfL yet, but I'll call today.
mwbutler Posted November 23, 2011 Posted November 23, 2011 (edited) Hi Ben Just got off the phone with SWGFL and unless we pay for a support contract with them they aren't willing to help! Have you heard anything back from the Live@Edu team? Any news from SWGFL support? Cheers -edit- I've made a further thread here in the SWGFL forum to try to get the attention of others: http://www.edugeek.net/forums/south-west-grid-learning-swgfl/86147-live-edu-anyone-got-working.html Edited November 23, 2011 by mwbutler
Mr.Ben Posted December 6, 2011 Author Posted December 6, 2011 (edited) Hi Matt, No news as yet. I've chased both MS and SWGFL, but nothing seems to be happening. As far as i can tell from the list of IP's that Microsoft Supply the following List of IP's is needed to access the service. The following IP addresses/URLs are used by Live@Edu for authentication: 207.46.150.128/25 157.55.59.128/25 *.microsoftonline.com *.microsoftonline-p.com *.microsoftonline-p.net *.microsoftonlineimages.com *.microsoftonlinesupport.net The following IP addresses are also used by Live@edu, but these are for exchange online: 94.245.117.128/25 157.55.9.128/25 157.55.11.0/25 157.55.47.0/25 157.55.47.128/25 157.55.224.128/25 157.55.225.0/25 213.199.174.0/25 213.199.177.0/26 It's a big list, and plenty of changes to be made! As for SWGFL not supporting unless you have Live@Edu contract with them I'd suggest going to your local LA to confirm this - I've not had that response yet, and If I did I would be querying it - they can't force you into taking the Live@Edu service when you are capapble of configuring it yourself! Edited December 6, 2011 by Mr.Ben
jamesbmarshall Posted December 6, 2011 Posted December 6, 2011 I've chased both MS and SWGFL, but nothing seems to be happening. Who, at Microsoft, have you been chasing?
sabe75 Posted October 2, 2012 Posted October 2, 2012 Hi James, I'm about to PM you. Hi James, did you ever get any progress on this; we are trying at the moment and are struggling. Kind Regards
EduTech Posted October 2, 2012 Posted October 2, 2012 Hi James, did you ever get any progress on this; we are trying at the moment and are struggling. Kind Regards Is it the Support Representative you are chasing? James.
sabe75 Posted October 2, 2012 Posted October 2, 2012 Is it the Support Representative you are chasing? James. Ahh no, the problem in general. Was this resolved with the exclusions?
EduTech Posted October 2, 2012 Posted October 2, 2012 Ahh no, the problem in general. Was this resolved with the exclusions? ;-) Sorry I got confussed! Thought you were the thread starter at first! My Bad
Mr.Ben Posted October 2, 2012 Author Posted October 2, 2012 This was solved some time ago (at my previous place of work!). I was using Network Service in IIS to pass to credentials to the SWGfL proxy, which wouldn't accept an anonymous sender. I created a new user to do the job instead. I do wonder what you hope to get from the Single Sign On now as O365 doesn't use it! Kind Regards, Ben
EduTech Posted October 2, 2012 Posted October 2, 2012 I do wonder what you hope to get from the Single Sign On now as O365 doesn't use it! Office365 does support Single Sign On? :/ James. 1
Mr.Ben Posted October 2, 2012 Author Posted October 2, 2012 @EduTech - I should have been a bit clearer. O365 does have a single sign on, using adfs, but Live@edu used a Single Sign on tool kit that is no longer supported after the migration to o365.
sabe75 Posted October 3, 2012 Posted October 3, 2012 This was solved some time ago (at my previous place of work!). I was using Network Service in IIS to pass to credentials to the SWGfL proxy, which wouldn't accept an anonymous sender. I created a new user to do the job instead. I do wonder what you hope to get from the Single Sign On now as O365 doesn't use it! Kind Regards, Ben Hi Ben Did you change this in the web.config or somewhere else? Kind Regards
Mr.Ben Posted October 3, 2012 Author Posted October 3, 2012 I think you need to change the Identity under 'Process Model' - In IIS Manager, Application Pools, Advanced Settings. Sorry for being imprecise - my previous place of work has removed my access (a few months after I left).
sabe75 Posted October 8, 2012 Posted October 8, 2012 We have the sharepoint account under identity in the Process Model found IIS-->Application Pools --> AppPool --> Advanced Settings. Presumed it was a proxy issue... looks like it is still getting blocked somewhere ????
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now