Thursday 21 September 2017

windows could not start the Access manager


Error:- windows could not start the Access manager instance.
Solution:- This issue occurs because of two reasons probably like when you have changed some parameter in webseal instance conf file which not valid or may not supported.
and second case would be when webseal instance logs file size exceed, once you reduce the instance log file size, issue will surely resolved.

sometime customer needs immediate solution, so always save your bandwidth by facing kind of experiences rather than doing a logs analysis and complete logs reading.

Regards
Arvind kumar

Posted by at No comments:

Sunday 3 September 2017

Block URL on webseal TAM 6.1

Few months back, I received customer requirement to block specific URLs through TAM webSEAL which running on virtual host junction like y.z.com, so i had just performed following steps.

Steps:- 1. Create a restricted ACL for access requiring authentication:
pdadmin> sec_master> acl create restricted
pdadmin> sec_master> acl modify restricted set group iv-admin TcmdbsvaBRrxl
pdadmin> sec_master> acl modify restricted set group webseal-servers Tgmdbsrxl
pdadmin> sec_master> acl modify restricted set user sec_master TcmdbsvaBRlrx
pdadmin> sec_master> acl modify restricted set any-other Trx
pdadmin> sec_master> acl modify restricted set unauthenticated T

 




2. Attach the restricted ACL to the /sapnet directory on y.z.com (entered as one line):
pdadmin sec_master> acl attach 
/WebSEAL/instance name/@vhost-y.z/sapnet restricted




















Posted by



at





No comments:
  










































Kt pass command mandatory for SPNEGO authentication on AD controller












I had faced issue during SSO integration for Salesforce application in TAM 6.1 environment.

scenario was basically to provide SPNEGO authentication for internal customer users and form based authentication to external customer users.

every steps i did perfectly in WebSEAL like junction creation, ACL and groups imply on Salesforce application. but i chased for SPNEGO authentication through webseal.

after putting some efforts, i found that i missed KTpass command on AD controller.



Command:-



ktpass -princ HTTP/apps.test.com@DOMAIN.COM
–mapuser username.



 Regards

Arvind Kumar




















Posted by



at





No comments:
  


































        

      









Subscribe to:
Posts (Atom)