Using NSL Scripting to Enable Novell Remote Manager for Web Single Sign-On



By: mugirish

January 9, 2008 2:12 pm

Reads: 195

Comments:0

Rating:0

The main objective of this AppNote is to give you an overview of how you can use the Novell SecureLogin (NSL) scripting to enable Novell Remote Manager (NRM) for web single sign-on. This AppNote explains different ways to access Novell Remote Manager from a browser and how the SecureLogin script provided with this article handles access scenarios.

Introduction

Novell Remote Manager (NRM) lets you securely access and manage one or more NetWare servers from any remote location through a standard Web browser. NRM includes secure access to the server console screens and file system, server health monitoring, diagnostic tools, and powerful inventory reporting features. To access this service and all the power of NRM, users must be logged in to it. This is where you can make NSL and NRM inter-operate. With this inter-operation, you can use NSL to seamlessly log in all users to NRManager.

Novell Remote Manager Usage and Implementation in SecureLogin scripts

NRM for NetWare is a browser-based utility you can use to manage one or more NetWare servers from a remote location. The NRM service can be accessed by typing the following in address field in a browser:

http://:8008 or other_configured_port_number

NRM can be accessed using most web browser utilities, such as Mozilla Firefox, Microsoft Internet Explorer 6 or later, Mozilla 1.7, KDE 3.2 Konqueror (with limited functionality), NetWare Server browser, or Safari 1.2 (with limited functionality). Since NSL supports only FireFox and Internet Explorer, the NRM script implementation works only with one of the two supported browsers for NSL.

Implementation in an NSL/NRM Script

The SecureLogin script for NRM works for all users, and the kind of access that each user gets is based on the privileges of that user. The script is based on the URL-based search of the application that uniquely identifies the URL of the NRM to perform SSO.

SecureLogin Script for Novell Remote Manager

The NRM script below is written to handle the following SSO aspects:

  • NRM login handling
  • Invalid username/ password handling
  • Login loop handling
  • Multiple logins

#####################################################################
# URL 			: /_LOGIN_SERVER_
# Name			: NRM Web login 
# Type				: Advanced Web Login Script
# Author 			: Girish Mutt
# 
# This Application Definition is capable of handling the following:-
# 
# 	* NRM Login Handling.
#	* Invalid User name/ Password Handling.
# 	* Login Loop handling.
#	* Multiple Logins.
#
#####################################################################


#**********************************************************************
# Purpose of Application Definition : " NRM Login Handling for Web-SSO"
#**********************************************************************

If -Text "password:"
	Call Login
EndIf



#******************************************************
# Subroutine Name: Login
#
# Purpose: It handles the NRMWeb Login
#
#******************************************************

Sub Login
	Set ?LoginCount "1"
	SetPrompt "User name:"
	Type $Username #1
	SetPrompt "Password:"
	Type $Password #2
	Submit
	SetPrompt "Enter NRMAccount Credentials: :"
	EndScript
EndSub



#**************************************************************
#
# Purpose: Novell Remote Manager Wrong Username and/or Password Handling
#
#**************************************************************

If -Text "Login Error! Username or Password invalid. Please try again."
	DisplayVariables "Your UserName and/or Password seems to be wrong. Please enter the Login Credentials!!" $Username $Password
	Call Login
EndIf


#**********************************************************************
# Purpose of Application Definition : NRM Login Loop Handling 
#**********************************************************************

If -Text "Login"

	If ?LoginCount Eq "1"

		MessageBox "Would you like to login again?" -YesNo ?EnterChoice

		If ?EnterChoice Eq "Yes"
			Call Login
		Else
			Set ?LoginCount "0"
			EndScript

		EndIf
	Else

	Call Login

	EndIf

EndIf

Implementing the NRM Script with NSL

The NRM script can be added to the NSL client by following the steps below:

1. From the system tray, launch the NSL icon to get the Manage Logins window.

2. In the left panel, right-click the Applications option and add the New application.

A dialog box appears, where you can add the new application definition.

3. Choose the second radio button to add the New Application Definition. Here you need to provide the values to the following 3 parameters to create the Application Definition:

  • Type: This defines the type of the Application, such as Windows, Terminal emulator, Java, Web, and others. Since we are creating an Application Definition for NRM, which is a Web application, we need to choose the Advanced Web option from the dropdown box.
  • URL: For the NRM account, we need to provide “/_LOGIN_SERVER_” as the parameter value.
  • Description: Here we can provide any value that will help us understand the type of the application for which this Application Definition is being added. For this parameter, provide a value such as “Novell Remote Manager”.

Figure 1: Adding a new application for NRM login

4. Click the Definition tab under the above newly added application.

5. Add the script provided.

6. Click OK to continue.

Figure 2: Adding a new Application Definition for NRM login

7. Launch the NRMLogin page.

The user will be taken to the NRM login page, where there is a prompt from NSL to configure for web SSO. Once the credentials are provided, the user will be configured for SSO to NRM.

Figure 3: SecureLogin prompt to configure and enable NRM for Web SSO

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Tags: , ,
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Comment