This is an update to my previous Cool Solution: Integrating Salesforce.com and NetIQ Access Manager using SAML2. If you are new to SAML2 and federation, you may still find my first article useful, as I endeavored to explain each concept as each configuration step was described. This article is not all-inclusive; it is an update to that article. In the years since it was written, several new features related to SAML have been added to Salesforce.com. I describe some of those here and also add some extra tips along the way.
This article explains how to retrieve, manipulate, and send in a SAML assertion data that is not available from the configured user store (“external data”).
A quick how-to guide on combining CLE (Client Login Extension) and SPA (Secure Password Administrator, an extension of DRA) to provide a self-service URL for Windows Logon.
Updated: PWM v1.6.0 has been released. PWM is an open source password self-service application for LDAP directories. PWM is an ideal candidate for organizations that wish to “roll their own” password self-service solution, but do not wish to start from scratch.
An update to the very handy Cool Solution Sample Code – LDAPNetAddr.
I found that recently our edir returned an addresstype 9 (tcp) instead of 1 (IP), which wasn’t handled correctly by the sample code. I’ve modified the code to handle these addresses correctly.
The output from ldapsearch is sent to stdout as LDIF (LDAP Interchange Format). The format is reasonably readable, but not very flexible. In particular, lines longer than 78 characters are split, with the following line starting with a space. In many cases it is necessary to post-process the output to make it more readable. To get the output on a single line, one useful trick is to pipe the LDIF through perl, which undoes the line splitting mentioned above (lines starting with a space are joined to the previous line). Use the following Perl command to undo the splitting.
Perl program to recreate all the default ACLs for users.
By default, the LDAP option logs only error messages (critical and non-critical). This article will help you get more LDAP debugging messages in ndstrace by setting the LDAP screen options.
Have you ever had a need for mass-generating objects in eDirectory? Maybe not, but if you ever do, here is a way to do it!
Need to set the attribute value for all users to a new value?