Wednesday, September 14, 2011

How to configure the Windows single sign-on (SSO) in existing Domino environment with SPNEGO technologies (Tutorial)

Of course it is not difficult to create an agent that provides the mapping, but it is more functional to use an assembly line of IBM Directory Integrator, so that this configuration is dynamic and driven by changes in AD.

A sample trace of the connection is as follows:

12:13:54 AM NOTES.INI contains the following *DEBUG* parameters:

08/25/2011 12:13:54 AM DEBUG_HTTP_SERVER_SPNEGO=5

08/25/2011 12:13:54 AM DEBUG_OUTFILE=c:\tmp\Spnegonotes.log

08/25/2011 12:13:54 AM DEBUG_SSO_TRACE_LEVEL=2

08/25/2011 12:13:54 AM Warning: Debug parameters could impact operation or performance.

08/25/2011 12:13:55 AM Contact your appropriate support vendor.

08/25/2011 12:13:55 AM The Console file is c:\tmp\Spnegonotes.log

08/25/2011 12:13:55 AM Console Logging is ENABLED

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine AcquireCredentialsHandleW

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Security token format received is SPNEGO NegTokenInit

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine AcceptSecurityContext

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> SSPI security attributes received 0x803, but requested 0x20014

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine QueryContextAttributesW

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine QueryContextAttributesW

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine QueryContextAttributesW

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> User p.rossi@SHAMROCK.COM authenticated by Kerberos service HTTP/mail.net2action.com@SHAMROCK.COM

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Success calling native routine QueryContextAttributesW

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SPNEGO> Authenticated user is p.rossi@SHAMROCK.COM via MSIE 6.0.

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SSO API> * Getting Single Sign-On Config Data (SECGetSSOConfigData) *

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SSO API> OrgName specified [net2action].

08/25/2011 12:18:54.00 AM [06A8:000B-0F3C] SSO API> ConfigName specified [LtpaTokenWin].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Retrieved global static cache memory for config [net2action:LtpaTokenWin].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> * Generating Single Sign-On Token List and retrieving token info (SECTokenListGenerateAndGetTokenInfo) *

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> OrgName specified [net2action].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> ConfigName specified [LtpaTokenWin].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Retrieved global static cache memory for config [net2action:LtpaTokenWin].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Setting token domain parameter [.net2action.com]

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Creation time not specified, using current time [08/25/2011 12:18:54 AM].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Expiration time not specified, using current time plus config expiration [08/25/2011 12:48:54 AM].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Setting token name parameter [LtpaToken]

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Encoding Domino style Single Sign-On token.

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> -Creation Ticks = 4E5578CE [08/25/2011 12:18:54 AM].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> -Expiration Ticks = 4E557FD6 [08/25/2011 12:48:54 AM].

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> -Username = CN=Paolo Rossi/O=shamerock/C=IT

08/25/2011 12:18:54.01 AM [06A8:000B-0F3C] SSO API> Dumping memory of constructed token [71 bytes].

00000000: 0100 0302 4534 3535 3837 4543 4534 3535 '....4E5578CE4E55'

00000010: 4637 3644 4E43 503D 6F61 6F6C 5220 736F '7FD6CN=Paolo Ros'

00000020: 6973 4F2F 733D 6168 656D 6F72 6B63 432F 'si/O=shamerock/C'

00000030: 493D D954 8711 C966 72D9 BCDF F471 1E56 '=ITY..fIYr_

00000040: C4F7 88E4 EB05 69 'wDd..ki'
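
The 71-byte dump that closes the trace can be decoded and cross-checked against the log lines above it. The following is an added example, not part of the original article or of Domino's own code. It assumes the layout visible in the dump (4-byte header, two 8-character hex tick fields, user name, 20-byte trailing digest), that the dump prints 16-bit words byte-swapped, and that the ticks are Unix epoch seconds; the function names are illustrative.

```python
from datetime import datetime, timezone

# Hex words copied from the memory dump in the trace above (ASCII column dropped).
DUMP = """\
00000000: 0100 0302 4534 3535 3837 4543 4534 3535
00000010: 4637 3644 4E43 503D 6F61 6F6C 5220 736F
00000020: 6973 4F2F 733D 6168 656D 6F72 6B63 432F
00000030: 493D D954 8711 C966 72D9 BCDF F471 1E56
00000040: C4F7 88E4 EB05 69
"""

HEADER = b"\x00\x01\x02\x03"   # first four bytes of the dumped token
DIGEST_LEN = 20                # trailing digest (SHA-1 size); layout is an assumption

def dump_to_bytes(dump):
    """Undo the dump's byte-swapped 16-bit word display and return raw bytes."""
    out = bytearray()
    for line in dump.strip().splitlines():
        for word in line.split(":", 1)[1].split():
            out += bytes.fromhex(word)[::-1]   # "4534" -> b"4E"; lone "69" unchanged
    return bytes(out)

def parse_token(raw):
    """Split the token into tick fields, user name and digest, with sanity checks."""
    if len(raw) < len(HEADER) + 16 + DIGEST_LEN or not raw.startswith(HEADER):
        raise ValueError("unexpected token header or length")
    try:
        created = int(raw[4:12].decode("ascii"), 16)
        expires = int(raw[12:20].decode("ascii"), 16)
    except ValueError as exc:
        raise ValueError("tick fields are not ASCII hex") from exc
    if expires <= created:
        raise ValueError("expiration does not follow creation")
    return {
        "created": created,
        "expires": expires,
        "lifetime_min": (expires - created) // 60,
        # Assumption: ticks are Unix epoch seconds.
        "created_utc": datetime.fromtimestamp(created, tz=timezone.utc).isoformat(),
        "username": raw[20:-DIGEST_LEN].decode("utf-8", "replace"),
        "digest": raw[-DIGEST_LEN:].hex(),
    }

if __name__ == "__main__":
    for key, value in parse_token(dump_to_bytes(DUMP)).items():
        print(f"{key:13} {value}")
```

The decoded fields match the `-Creation Ticks`, `-Expiration Ticks` and `-Username` lines of the trace and give the 30-minute lifetime shown there. With these debug levels the file named in DEBUG_OUTFILE holds a complete token for that window, so it should be access-controlled and the DEBUG_ parameters removed once troubleshooting is done.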

good luck.....

