Single Sign-on to Novell ZENworks using Novell Access Manager’s Form Fill Policy



By: SHASHIKALA

July 13, 2011 2:54 pm

Reads: 255

Comments:2

Rating:0

NAM’s (Novell Access Manager) Form Fill policy provides Single Sign-on facility to webservers by prepopulating the fields in a form on first login and then save the information in the completed form to a secret store for subsequent logins.

Please refer to Novell Access Manager 3.1 SP3 Policy Guide for NAM’s policy creation.

This article will help users to enable Single Sign-on to Novell ZENworks server using NAM’s Form Fill Policy. This is tested on both LAG (Linux Access Gateway) and MAG (Multiplatform Access Gateway).

Prerequisites:

  1. NAM setup
  2. ZENworks setup

Steps:

  1. Open NAM’s Administration Console, click Policies
  2. Select the policy container, then click New.
  3. Specify a display name for the policy and select Access Gateway: Form Fill for its type.

  4. (Optional) Specify a description for the Form Fill policy. This is useful if you plan to create multiple Form Fill policies.
  5. In the Actions section, click New, then select Form Fill. Refer the following screen shot.

  6. In the Form Selection section, select Form Name and specify form name as login in the text box.
  7. In the Fill Options section Input Field Name and enter username.
  8. Click on New in the Fill Options section, and enter password in Input Field Name Select password in Input Field Type and select LDAP Credentials:LDAP password as Input Field Value for Credential Profile.

    To enable Single Sign-on using Form Fill policy to ZENworks server, it requires 2 more additional Input Fields with values.

  9. Click on New in the Fill Options section, and enter __EVENTTARGET in Input Field Name Select Hidden from the drop down list in Input Field Type and select Sting Constant from the drop down list of Input Field Value and enter the value as loginButton.
  10. Click on New in the Fill Options section, and enter __BACKCHECK in Input Field Name Select Hidden from the drop down list in Input Field Type and select Sting Constant from the drop down list of Input Field Value and enter the value as false.
  11. In the Submit Options section, enable Auto Submit to submit the form as soon as all the values are filled in.
  12. Click OK.
  13. On the Policies page, click Apply Changes.
Note: In the Fill Options section, the hidden fields __EVENTTARGET, __BACKCHECK are not entered then user will experience the looping issue. This solution is only to enable Single Sign-on using NAM’s Form Fill Policy to Novell ZENworks server. This will not work for other web servers.
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

2 Comments

  1. By:mickers

    We use NAM3 here, but I don’t understand what you are signing into in this article. I use NAM for lots of web logins, but as far as I know, the only web login to ZCM is the Admin console (not for general use). So are you SSO-ing into the ZCM admin console? Or is this for somehow SSO-ing to the ZCM Agent.

    Essentially this article tells me there are 2 hidden fields required for a ZEN login, but is short of the rest of the information. Can you elaborate? Are you forward proxying your entire ZCM server through NAM? Is this for the web interface of ZCM (users have never used). Or am I missing something?

    Cheers.

    • By:SHASHIKALA

      Thanks for your comment. This article explains how to do single sign on to ZCC (ZENworks Control Center) Login page. ZEN server is placed behind Access Gateway.

Comment