This is an update to my previous Cool Solution: Integrating Salesforce.com and NetIQ Access Manager using SAML2. If you are new to SAML2 and federation, you may still find my first article useful, as I endeavored to explain each concept as each configuration step is described. This article is not all-inclusive; it is an update to that article. In the years since it was written, several new features related to SAML have been added to Salesforce.com. I describe some of those here and also add some extra tips along the way.
This article explains how to retrieve, manipulate, and send, in a SAML assertion, data that is not available from the configured user store (“external data”).
There are several reasons that can cause NAM to detect URL Tampering. Most often it is a name resolution issue stemming from improper DNS or HOSTS file configuration in your environment. Still, even with proper configuration, your users may, appropriately, get this message. The reason may stem from users having become accustomed to using web server host names or “short names” to access the web server/app before it was protected by Access Manager. If that is the case, this article will show you when and how you can configure NAM to allow “short name” access using the Virtual Multi-homing feature.
This is a short article providing an easy, but perhaps not so obvious, way to use Novell Access Manager (NAM) for Single Sign-On (SSO) access to the Oracle E-Business Suite (OEBS). OEBS is used as the example, but the same SSO enabling strategy used here can be applied to other web applications as well.
Using Novell Access Manager (NAM) with salesforce.com allows your users to use their existing LDAP credentials for single sign-on access to salesforce.com as well as any web applications protected by NAM.
This cool solution will show you how to add salesforce.com to your NAM implementation using federated authentication via SAML 2.0. By using SAML 2.0, your users authenticate to NAM as they typically do, using their existing LDAP credentials provided by your corporate directory. salesforce.com then authenticates users via SAML without the need to synchronize passwords with salesforce.com. Once configured, your users will have SSO access to all your web resources protected by NAM through either the Access Gateway or using federation protocols. Unfortunately, salesforce.com does not support federated provisioning, so you will still need to create users in salesforce.com. If you would like to automatically provision, deprovision, and manage the salesforce.com identities, you can use Novell Identity Manager, but that is out of scope for this article.
Are you using Novell Access Manager so that your users can access internal Web-based resources with a single login? Does anyone occasionally forget their password and call the help desk to have it reset? I have to admit I have forgotten my password, but I didn’t have to call my help desk. I was able to reset it myself through my web browser with a link on my NAM login page. How would you like to add the same feature to your Novell Access Manager implementation? You can do it with Novell software that you probably already own. If so, this article is for you.
Updated: Paul McKeith shares a guide on how to quickly build a lab environment, evaluate Access Manager SSL VPN, and subsequently deploy a single server SSL VPN soft appliance. The build process, fully described with screen shots and advice, will also help you better understand how the product works and what will be needed for the planning of a production roll out.
In this AppNote, Novell’s Paul McKeith explains the new feature in eDirectory 8.8 SP1, where NMAS enables LDAP authentications (binds) so that they are case-sensitive. This feature can also help ease the deployment of Universal Password.