Modifying the Auto Create User Preference Record
Hi! We have our server set to allow guest users. Only Customer Support has access to the Win User Tool. Others have access only via the Browser. The problem is when a Customer Support person mistypes their login and they get in to the WUT without permissions, a bogus User Preference record gets created. Does anyone know how to ensure that a guest user does not automatically get an entry in the User Preference table when they logout? (The only people that I want in the User Preference table are the people in the User table, or people with specific permissions.) I cannot seem to find out where or how the User Preference record gets created, so I have been unable to see if I can figure out a way to modify the process. Any help would be appreciated! Carolyn Wixson ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Re: Modifying the Auto Create User Preference Record
Thanks Misi. I implemented your first suggestion and it works great! Carolyn -Original Message- From: Misi Mladoniczky [mailto:[EMAIL PROTECTED] Sent: Thursday, November 30, 2006 10:15 To: arslist@ARSLIST.ORG Subject: Re: [ARSLIST] Modifying the Auto Create User Preference Record Hi, Create an outer join from ARSystemUserPrefs - User. Run a nightly escalation that deletes the record in ARSystemUserPrefs if the User-field (of your choise) is NULL. Or create a submit-filter on the ARSystemUserPrefs that submits a record to your ARSystemUserPrefsCheckIfGuest-form. You can have an escalation running every minute there that checks and deletes the ARSystemUserPrefsCheckIfGuest-record and the ARSystemUserPrefs-record if no User-record exists. Best Regards - Misi, RRR AB, http://www.rrr.se/sv/ Hi! We have our server set to allow guest users. Only Customer Support has access to the Win User Tool. Others have access only via the Browser. The problem is when a Customer Support person mistypes their login and they get in to the WUT without permissions, a bogus User Preference record gets created. Does anyone know how to ensure that a guest user does not automatically get an entry in the User Preference table when they logout? (The only people that I want in the User Preference table are the people in the User table, or people with specific permissions.) I cannot seem to find out where or how the User Preference record gets created, so I have been unable to see if I can figure out a way to modify the process. Any help would be appreciated! Carolyn Wixson ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Re: Change the $OPERATION$ of a form with workflow
Wow! The timing on this one was great! I was just about to ask the same question. I don't want the Consoles opened in Search, only in New. (It bugs me to see the Advanced Search show where it really cannot be used.) I will try your suggestion. Related Question: It seems that the default mode for opening a form on the mid-tier is Search. Is there any way to change this default mode to New without setting it in the URL each time? (Apologies if this should be on a different thread.) Thanks! Carolyn -Original Message- From: Robert Molenda [mailto:[EMAIL PROTECTED] Sent: Thursday, November 16, 2006 8:52 To: arslist@ARSLIST.ORG Subject: Re: [ARSLIST] Change the $OPERATION$ of a form with workflow ** You cannot directly change the operation, but you can recode the application to: Active Link on Window Loaded/Display Test $OPERATION$ If not the mode you want MODIFY/DIALOG/.. Perform the open window action for the correct mode + view Close the current window. Thanks-n-advance; HDT Platform Incident / Problem Manager Architect Robert Molenda IT OS PA Tel: +1 408 501 6310 Fax: +1 408 501 2410 Mobile: +1 408 472 8097 [EMAIL PROTECTED] Quality begins with your actions. _ From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Melanie Snayer Sent: Thursday, November 16, 2006 3:10 AM To: arslist@ARSLIST.ORG Subject: Change the $OPERATION$ of a form with workflow ** Hey Guys I'm not sure whether this is me taking a long shot or not but I need to know whether the $OPERATION$ of a form can be modified with workflow. Is this possible? If so please help me with it. Regards Mel __20060125___This posting was submitted with HTML in it___ __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Re: Email to Remedy Customer Support - Rejected
Thanks Albert! Turns out the support id had some problem with it - related to the new system. Remedy was getting the same response with this particular id. They reissued another one and it appears ok. I hope that Remedy changes their emails to remove the Active-X. It is very frustrating to get a rejection email and know that you are not seeing the entire message. Carolyn -Original Message- From: Albert Bihler [mailto:[EMAIL PROTECTED] Sent: Thursday, November 09, 2006 02:14 AM To: arslist@ARSLIST.ORG Subject: Re: [ARSLIST] Email to Remedy Customer Support - Rejected Hi Carloyn, I think since the new support web site was released the parsing of the subject line is not that generous (or user friendly) than it used to be. You have to insert Support-ID AND Issue-ID in the subject line. The prefix and even the order of these ids seems to be important. For my the following subject works: SupID:12345;IssueID:ISS03005262 RANT: For my the most annoying thing is that I can't reply to mails from BMC/Remedy support without altering the subject line! Come on BMC/Remedy this behavior can be changed easily and would help your customers a lot! If you need some assistance to fix this issue please contact me off list ;-) Best regards, Albert Wixson Carolyn L PSNS schrieb: I am having problems sending an email to Remedy Customer Support. I keep getting a Rejection email. The problem is that they have some Active-X in this email and that part is getting blocked. The only part I get to see is where they tell you to put the Contract Id in the subject line. Even when I put the contract id in the subject line, I keep getting a rejected email. Can anyone tell me what is in the Active-X part of the email? Thanks! Carolyn ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Email to Remedy Customer Support - Rejected
I am having problems sending an email to Remedy Customer Support. I keep getting a Rejection email. The problem is that they have some Active-X in this email and that part is getting blocked. The only part I get to see is where they tell you to put the Contract Id in the subject line. Even when I put the contract id in the subject line, I keep getting a rejected email. Can anyone tell me what is in the Active-X part of the email? Thanks! Carolyn ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Re: Disable MidTier Help?
Thanks for the reply Michelle. I neglected to mension one vital part, though. (Funny how it doesn't make it always from the brain to the email.) I really want the FORM help available to the mid-tier, just not the FIELD help. It looks like it is all or none. It is too bad that they disabled the feature of hiding fields where necessary. I was hoping that someone had a workaround. Carolyn -Original Message- From: Lucero, Michelle - IST contractor [mailto:[EMAIL PROTECTED] Sent: Monday, October 30, 2006 11:51 To: arslist@ARSLIST.ORG Subject: Re: Disable MidTier Help? Hi, Carolyn: Here are two approaches. 1. Create another view specifically for the Mid-Tier and simply disable Help as mentioned below. Or, 1. Disable Help Mid-Tier menu access item. 2. Create a Form Action field Help button. 3. Create an active link to Hide the button when $ CLIENT-TYPE$ = 9 Here is a note about field-level help in version 6.3 Note: For field-level help, the Hide This Help Text in Web Views check box at the bottom of the tab is ignored in version 6.3. Using previous versions, you can select the check box if you do not want help text for a field to appear in a form viewed on the web. Hope this helps, Michelle -Original Message- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Wixson Carolyn L PSNS Sent: Monday, October 30, 2006 1:22 PM To: arslist@ARSLIST.ORG Subject: Re: Disable MidTier Help? Does anyone know if there a way to control the help contents when it is shown to the Mid Tier? Right now in 6.3 it shows all form help and all field help. I would like to hide the field help from the Mid Tier users, but still have the field help for the Windows Client. Carolyn -Original Message- From: Lucero, Michelle - IST contractor [mailto:[EMAIL PROTECTED] Sent: Monday, October 30, 2006 10:39 To: arslist@ARSLIST.ORG Subject: Re: Disable MidTier Help? Hi, Dylan: If you are asking for either the Helpdesk form in the User Tool or in the Mid-Tier. To disable: Open the form in the Admin Tool, On the menu, click Form, select Current View/Properties The View Properties window will open, Click the Menu Access tab Uncheck Help. Click OK. You will have to do that per view that you would like to exclude the Help icon from. Note: It will be excluded on that view whether the form is opened from the Remedy User Tool or Mid-Tier. Hope that helps, Michelle -Original Message- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Dylan Sent: Monday, October 30, 2006 12:23 PM To: arslist@ARSLIST.ORG Subject: Disable MidTier Help? Is there a way to disable the help button on the menu bar for the forms like HelpDesk through the mid tier? Or at least control it's action? I've built an outside help system to display the data we want to show the user but I haven't been able to figure out how to disable that default help button. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:Where the Answers Are
Re: Save Button - ARS 6.3 - HD 6 - Resolved!
** Joe, Thanks for adding the tip about the Change Flag - It helped me with a similar issue. Carolyn -Original Message-From: Joe DeSouza [mailto:[EMAIL PROTECTED]Sent: Thursday, October 12, 2006 01:51 PMTo: arslist@ARSLIST.ORGSubject: Re: Save Button - ARS 6.3 - HD 6 - Resolved!** Claire, You are welcome.. You would need to make sure though if you are going to use this, that none of your fields that the user can type values into directly, have the Change Flag property of the field in that view checked.. else the flag wont be dirtied and the save button would look gray even though the user typed stuff in that field... Joe D'Souza Remedy Developer / Consultant, Shyle Networks, New Jersey. - Original Message From: "Sanford, Claire" [EMAIL PROTECTED]To: arslist@ARSLIST.ORGSent: Thursday, October 12, 2006 4:46:26 PMSubject: Re: Save Button - ARS 6.3 - HD 6 - Resolved! Thank you Joe and Tim!ClaireFrom: Action Request System discussion list(ARSList)[mailto:[EMAIL PROTECTED] On Behalf Of Joe DeSouzaSent: Thursday, October 12, 2006 3:35 PMTo: arslist@ARSLIST.ORGSubject: Re: Save Button - ARS 6.3 - HD 6** Claire,Make the Details Pane Banner visible..You will find this on your admin tool when you open up the form underForm - Current View - Properties - AppearanceHope this helpsJoe D'SouzaRemedy Developer / Consultant,Shyle Networks,New Jersey.- Original Message From: "Sanford, Claire" [EMAIL PROTECTED]To: arslist@ARSLIST.ORGSent: Thursday, October 12, 2006 3:54:46 PMSubject: Save Button - ARS 6.3 - HD 6** How do I get the "Save" button back on the HPD:HelpDesk, CHG:Change, andCHG:Task forms?My users want the old style Save button rather than the yucky "Save"button at the bottom of the screen.It is there if I create a brandnew form...ARS 6.3 Patch 18 HD 6.0 Oracle 10 w/9 libraries- Oracle lives on a remote server Windows 2003 4 gig on app server and 8 gig on DB server__20060125___This posting was submitted with HTML in it___ __20060125___This posting was submitted with HTML in it___
Re: Authenticate an ARS user using a certificate stored on a smar t card
Patrick,
I have not done all the research I really need to do for a better approach
yet, this is what I have so far. It seems to do the trick for the most part
of what I need - Mid Tier only.
This will work if all your users are authenticated.
You need to allow Guest Users.
Get the KM-00010678 RemoteUser.jsp from the Remedy Support Site. Follow
the directions for permissions, etc. Name it something like:
RequesterLogin.jsp.
You will have a link on your Intranet to the RequesterLogin.jsp file that
will automatically log in the user based on their authenticated windows
login. (Note that anyone that has a password in the User table, will need to
use the normal login screen.)
You create functionality that verifies the windows login again. (This will
prevent mistyped or invalid logins of people that accidentally get to the
normal login screen or know how to access via URL.)
Create another jsp, name it something like GetLogin.jsp. Here is an example:
function rtn_RemoteUser() {
%
String ruser = request.getRemoteUser();
String realname = ;
/** Loop to remove [Domain.com\] of the ruser so that we are left with
only the NT domain account name **/
int startpoint = ruser.indexOf(\\) + 1;
int endpoint = ruser.length();
for(int x = startpoint; x endpoint; x++) {
realname += ruser.charAt(x);
}
%
return(%=realname%);
}
In the form that Requesters access upon login, place the following in the
heading:
SCRIPT src=/arsys/shared/GetLogin.jsp language=JavaScript /SCRIPT
Then create an active link that will do a Run Process to set a field:
javascript:window.F(60005).DoSet(rtn_RemoteUser()); (I got this part
from a post to the list with the Subject of passing ip config information
- I just love this list!)
You will need to create other Active Links as necessary to allow Admin
testing, etc. Verify the basic rules of login, etc. If these are not met or
if $USER$ does not equal the value your Active Link returns, limit the use
to view only of specific items, or bounce them out, etc.
Hope this helps!
Carolyn
-Original Message-
From: patrick zandi [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 11, 2006 8:11
To: arslist@ARSLIST.ORG
Subject: Re: Authenticate an ARS user using a certificate stored on a
smar t card
So, how is your approach to this .. Carolyn ?
you can send me offlist..
[EMAIL PROTECTED]
On 10/11/06, Wixson Carolyn L PSNS [EMAIL PROTECTED] wrote:
This sounds very interesting.
I am glad that there are so many people interested in finding a good fix
for
the PKI / Smartcard authentication. One thing that I would like to stay
away
from is having all the Requesters need to have a record in the user
table.
(We have around 7000 people that just need Requester access.)
Carolyn
-Original Message-
From: Davis, David CTR NAVSURFWARCENDIV Crane, Code 0552
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006 10:07
To: arslist@ARSLIST.ORG
Subject: Re: Authenticate an ARS user using a certificate stored on a
smar t card
The redirect is handle by the 401 Errors. If you are not in the group
hence 401 on the website. Once redirected you must have CAC and a
reason to register. Registration info and harvested data is used to
create the AD account. What I am looking for is a more direct approach
within ARS itself.
Thanks,
Dave
-Original Message-
From: Action Request System discussion list(ARSList)
[mailto:[EMAIL PROTECTED] On Behalf Of patrick zandi
Sent: Tuesday, October 10, 2006 10:34
To: arslist@ARSLIST.ORG
Subject: Re: Authenticate an ARS user using a certificate stored on a
smar t card
This is interesting.. sounds a little like the AF Portal..
The problem with AF Portal is the Embedded password into the scripting..
This is a little on the 2 taco's shy of a combination plate aspect..
But it souds like you are not doing that..
interesting.. is this in JSP ? the redirector and then into remedy..
would like to see that if possible..
MSgt Patrick Zandi, USAF
On 10/10/06, Davis, David CTR NAVSURFWARCENDIV Crane, Code 0552
[EMAIL PROTECTED] wrote:
Hello Carolyn,
What we have done at our activity is to tie the CAC PKI SmartCard to
the Active Directory and assign AD users to a Remedy Group. That
group has permissions to the Virtual Website that hosts the Remedy
MidTier. Much like your Trust comment below. Additionally, we
redirect any user that attempts to access Remedy MidTier to a
registration page that collects their CAC data to create an AD
account. Once their request is approved their AD account is added to
the Remedy group. It is not where we want to be but we have our
Remedy MidTier and Production servers on separate AD Domains.
Thank You for your feedback,
Dave Davis
-Original Message-
From: Action Request System discussion list(ARSList)
[mailto:[EMAIL PROTECTED] On Behalf Of Wixson Carolyn L PSNS
Sent: Friday, October 06, 2006 10:07
To: arslist
Re: passing ipconfig information
**
I just ran into
something yesterday that may be related. I was getting a "Caught exception
'LoadResultList' is null or not an object" error on the mid tier, but the client
ran fine. What I found was that it was a permissions issue related to the
Results List table field. The permissions on the field and column were ok, but
the field was in located in the Debug Page Holder. I needed to give permissions
to the Debug Page Holder. Because we were only running the client before, the
permissions on the page holder were ok at just the Admin level. I guess it
doesn't work that way in the Mid-Tier. Kinda defeats the purpose of what the
Debug was added for, I believe. I am planning to have to create an Active Link
that will unhide it for Administrators only now that others need permission to
it.
ARSystem
6.3
HelpDesk
5.6
Windows
SQL
2000
Carolyn
-Original Message-From: Grooms, Frederick W
[mailto:[EMAIL PROTECTED]Sent: Thursday, September 28, 2006
6:25To: arslist@ARSLIST.ORGSubject: Re: passing ipconfig
information
**
Try them 1 at a time to see which is causing you
problems. I am on Sun (with Apache/Tomcat) and they work for me. I
take it that you are using Windows IIS with ServletExec. I also should
have added for #3 that the AL should have $CLIENT-TYPE$ = 9 for
it's Run-If.
Fred
From: Action Request System discussion
list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Wednesday, September 27, 2006
6:25 PMTo: arslist@ARSLIST.ORGSubject: Re: passing
ipconfig information
**
I am getting a
Caught
exception:Object expected error when
running this.
In the
get_client_info.jsp page is there any other syntax that needs to be in the
file?
Any
ideas?
Thanks
From: Action
Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Grooms, Frederick
WSent: Wednesday, September
27, 2006 5:03 PMTo:
arslist@ARSLIST.ORGSubject: Re: passing ipconfig
information
This is from an old
thread "Mid-Tier 6.3 - Get IP Address and Host
Name":
1. Create a file in
the same folder as login.jsp named get_client_info.jsp with the following
contents:
function
env_RemoteAddr() { return ("%=request.getRemoteAddr()%");
}
function
env_RemoteHost() { return ("%=request.getRemoteHost()%");
}
function
env_RemoteUser() { return
("%=request.getRemoteUser().replace('\\', ' ')%");
}
2. Add
the following code to thefooter properties of the form (Form -
Current View - Properties -Appearance - Edit WebFooter
Content):
SCRIPT
src=""
language="_javascript_"/SCRIPT
3. Add
the following AL Run Process command to the form as needed (Replace the field
IDs with your IDs):
_javascript_:window.F(536870976).DoSet(env_RemoteAddr());_javascript_:window.F(536870977).DoSet(env_RemoteHost());_javascript_:window.F(536870978).DoSet(env_RemoteUser());Fred
From: Action
Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of
[EMAIL PROTECTED]Sent: Wednesday, September 27, 2006 3:36
PMTo: arslist@ARSLIST.ORGSubject: Re: passing ipconfig
information
**
Has anyone passed the
ip address and the mac address of a client machine from the midtier?
This did work for the thick client but the midtier errors
out.
From: Action
Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Frank CarusoSent: Tuesday, September 19, 2006 1:44
PMTo: arslist@ARSLIST.ORGSubject: Re: passing ipconfig
information
** This works from the client. Create an
active link that does a set fields $PROCESS$ into a field:$PROCESS$
cmd /c ipconfig /allHowever, you get a large block of text that is not
fomratted very well.
On 9/19/06, [EMAIL PROTECTED]
[EMAIL PROTECTED]
wrote:
**
All,
Has anyone through a Run Process
or maybe another method to run an ipconfig /all on a client pushing the
information from the output to a field within a Remedy form? Any ideas
would be appreciated.
Thanks,
Brandi
Windows 2000
Server
SQL 2000
ARS
6.3
__20060125___This
posting was submitted with HTML in it___
__20060125___This posting was submitted with HTML in it___
Re: Authenticate an ARS user using a certificate stored on a smar t card
We are in the same boat. We need to Authenticate with Common Access Cards (CAC). (The CAC has PKI installed on it.) We are upgrading from 5.1.2 to 6.3 and then we will try to figure the authentication issue out. I got a bit confused when I read through the SSO information. I am hoping that it will make more sense when we actually try to implement it. My fear is that SSO just authenticates to the Windows login, not the CAC, PKI, or smart card as in your situation. Carolyn Wixson -Original Message- From: Rebecca Hammond [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 13, 2006 11:39 To: arslist@ARSLIST.ORG Subject: Re: Authenticate an ARS user using a certificate stored on a smart card Am I the only one who isn't totally confused by the white paper? I'm just not clear on how I'm supposed to write an Authenticator of my own, that handles PKI or SmartCard technology. Is it just because with SSO, it pulls the information from your OS? Does anyone have any samples of what these Authenticators might look like? Thanks in advance! -Rebecca Hammond On Fri, 11 Aug 2006 14:11:45 -0700, Easter, David [EMAIL PROTECTED] wrote: Daniel, You may want to take a look at the Integrating BMC Remedy Action Request System with Single Sign-On (SSO) white paper that was updated for AR System 7.00.00. It also applies to other client-side login intercept technologies like smart cards or PKI. It is available on http://supportweb.remedy.com in the Documents section. David J. Easter Sr. Product Manager - BMC Software -Original Message- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of CONDREA, Daniel Sent: Thursday, August 10, 2006 10:53 PM To: arslist@ARSLIST.ORG Subject: Authenticate an ARS user using a certificate stored on a smart card Hi All, Can anybody suggest a way to authenticate an ARS user using a certificate stored on a smart card? The end user can not authenticate with a username and a password. He/she can only authenticate using the certificate stored in the smartcard. Best regards, Daniel Condrea -- *DISCLAIMER* The information contained in this communication is confidential and may be legally privileged. It is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking action in reliance of the contents of this information is strictly prohibited and may be unlawful. Orange Romania S.A. is neither liable for the proper, complete transmission of the information contained in this communication nor any delay in its receipt. *END OF DISCLAIMER* ___ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org ___ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org ___ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org ___ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
Re: SSO via user tool
Title: Re: SSO via user tool ** Benjamin, We are also CAC enabled. We need to get the mid-tier up for Requesters to submit tickets. Our management does not want them to see a login screen. Can you share your CAC solution? We are currently using: ARS ver 5.1.2 HelpDesk ver 5.6 We may be upgrading to ARS ver 6.3 very soon. Any help you can give will be GREATLY appreciated. Carolyn Wixson(360) 476-6197PSNS IMFRemedy ARS Administrator -Original Message-From: Watson Benjamin A Contr AFWA/XOO [mailto:[EMAIL PROTECTED]Sent: Friday, August 04, 2006 10:31To: arslist@ARSLIST.ORGSubject: Re: [ARSLIST] SSO via user tool** I tend to agree with Scott in that a majority of the solutions I found were "glorified password managers" that would essentially store/encrypt user passwords locally. The user could then associate a stored password to an application and, upon launching the application, the password manager would supply the data. In our particular shop, we had Remedy set up to authenticate against the network, but that functionality went away when we transitioned to DoD Common Access Cards (CAC) to access the LAN. One of the developers I worked with was clever enough to write his own application to read the credentials from the CAC and use that to authenticate and log into Remedy. This functionality has been mirrored to the web. The only "slightly" annoying thing is that you must enter your PIN, but it works. This approach is nice in that smart card login can handle verifying that the credientials on the CAC against a certificate authority when accessing the LAN, which has all been invented before. //SIGNED//BENJAMIN A WATSON, Contractor, AFWA/XOOSAIC - Remedy TeamCommercial: (402) 294-8225DSN: 271-8225mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Scott HammonsSent: Friday, August 04, 2006 11:44 AMTo: arslist@ARSLIST.ORGSubject: Re: SSO via user tool ** I believe Doug may be referring to the built in integration to provide an SSO functionality against an LDAP store. If this is the case, this is just telling Remedy to use the LDAP store to handle the authentication. This would then handle the SSO functionality for both the web app and the client. I could be wrong, but this is my assumption.If Doug could clarify this, it would be helpful in understanding the stated direction for Remedy. Having said that, I just worked with a client who did a major comparison between the leading "SSO" vendors on the market. All of them could be characterized as "password management with a nomenclature of sso" Some work better than others, but essentially they are all pitching the same thing. For a true "SSO" solution, you would have to a have central repository that all applications could reference for authentication information. LDAP is the closest your going to get to that and not all applications support LDAP integration. As a matter of fact, most applicationshandle authentication individually with their own login interfaces. So the closest thing you have in the marketplace today for SSO is "password management" applications that willallow users to manage their credentials to all their required applications. To the end user this still provides the "SSO" experience regardless of how it is handled on the backend. It's good to see this discussion taking place in the ARSList, as thisseems to be the hot topic acrossmost industries today. I'm looking forward to ongoing discussions in this area. Just my .02. Scott From: Action Request System discussion list(ARSList) on behalf of patrick zandiSent: Fri 8/4/2006 08:52To: arslist@ARSLIST.ORGSubject: Re: SSO via user tool I was told by Doug.. that there would be Built in Functionality on theusertool to do this already.. no documentation on it.. but it isthere..now.. with that said.. I have a ticket in on this and have recieved nofeedback on the latest.. I am planning on following up on this nextweek.. I hope.I know I had issues with the original version of their plugin.. (remedy's)it worked with a userid and a password.. well we don't do that anymore.. so..But do not know the latest...I understood clearly that the same functionality that gives you sso onmid-tier is built into the client tool so that you can SSO exactly thesame way.. using there plug-in.. they (suppose to anyway) have asample with all the code and plug-in stuff into a windows based file..and once compiled it just works.. so..The other ones listed here.. I understood to be more of a passwordmanagment with a nomenclature of sso.. which they are not, to includethe one remedy sells.On 8/4/06, Tyrone Dee [EMAIL PROTECTED]
