hi there,

we are just in the process of upgrading all our customers domains to
securelogin v. 8.0.1 and it seems as if slaptool.exe is not so stable
with importing .xmls as it used to be. oftentimes it reports RC 5 back
to the script executing slaptool. restarting the script one (or seldomly
several tries are needed) time works again.

we need to use slaptool in this 'non-interactive' mode because only that
way the management of our 80 independent domains is feasible. in essence
i create a new .xml (lets say for ibm notes 9) and put it on a
ftp-server which all domains can connect to. nightly a script executes
comparing a registry-key on the domain controller with the xml-files on
the ftp (which are named like something.<xxx>.xml (where xxx are digits)
to determine if it needs to download and import one ore more of those
files. this functionality did work up to securelogin v.6.0.5, after that
we had to change a reg-key for slaptool to (again) work in this
non-interactive (no user logged on) fashion.

for application-definitions only one customer is interested in, we have
another folder-structure below the 'all-costumers' folder which the
scripts checks as well. this facilitiates updates for all customers and
for a subset of them through the same understandable and stable

i am writing this in the forum to get backing (because this use of
slaptool is not officially supported) for netiq to make it officially
supported (again). anyone else using sso this way (if not so, this might
be a viable offering to customers - kind of auto/no pain way of
providing sso-scripts for widely used applications and centrally manage
the stuff?).

thanks for your feedback, florian

florianz's Profile: https://forums.netiq.com/member.php?userid=309
View this thread: https://forums.netiq.com/showthread.php?t=52145