Hi,

again the SAML issue. Now I have a customer who has a pretty
heterogeneous environment (meaning IDM 3.6, 4.0.2 and 4.5 all together).
This customer had installed IDM 4.5 himself and he asked me to
install the User Application. I installed it but I cannot log in.
Everything looks fine. No errors in the catalina.out. No errors in the
OSP logs (I also set the DEBUG log level for OSP...). Also the SAML
objects are in the eDir...
But I found something interesting in the eDir traces.


13:04:25 63C NMAS: 17825854: Create NMAS Session
13:04:25 63C NMAS: 17825854: SASL SAML started
13:04:25 63C Agent: Calling DS Ping conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSAResolveName conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSAReadObjectInfo conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSARead conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DS Ping conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSAResolveName conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSAReadObjectInfo conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C Agent: Calling DSARead conn:0 for client
..PRDS0054_524-NDS.servers.system.SC-META.
13:04:25 63C NMAS: SASL Mechanism [SAML] not available:
13:04:25 63C NMAS: Available SASL Mechanisms:
13:04:25 63C NMAS: [NMAS_LOGIN]
13:04:25 63C NMAS: [EXTERNAL]
13:04:25 63C NMAS: [DIGEST-MD5]
13:04:25 63C NMAS: 17825854: NMAS Audit with Audit PA not installed
13:04:25 63C NMAS: 17825854: NMAS Audit with XDAS not installed
13:04:25 63C NMAS: 17825854: ERROR: -1693 SASL_DoMechanism:
NMAS_InvokeMechanism
13:04:25 63C NMAS: 17825854: Client Session Destroy Request
13:04:25 63C NMAS: 17825854: Destroy NMAS Session
13:04:25 63C NMAS: 17825854: Aborted Session Destroyed (with MAF)
13:04:25 63C LDAP: Failed to authenticate full context on connection
0x13369b20, err = -1693 (0xfffff963)
13:04:25 848 LDAP: Connection 0x13369b20 read failure, setting err =
-5875
13:04:25 848 LDAP: Monitor 0x848 found connection 0x13369b20 socket
failure, err = -5875, 0 of 0 bytes read

Seems the problem is with the SAML NMAS login method. Maybe the SAML
NMAS method is not installed on the eDir replica that I am using. Or some
binaries are missing. I am not sure. Do you have any idea what can be
wrong?
Do you know how I can reinstall and reconfigure the SAML NMAS login
method? Where can I find the SAML NMAS installation files for Windows?

Thanks
Milan


--
mjuricek
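
Added example, not part of the original post: a small Python triage script that scans a trace in the format quoted above and reports each SASL mechanism a client requested that the server did not offer, together with the mechanisms it did offer and any NMAS error codes logged on the same thread. The sample trace is constructed from the lines in the post, and the function names are hypothetical.

```python
import re

# Constructed sample, in the trace format quoted in the post (wrapped lines included).
SAMPLE_TRACE = """\
13:04:25 63C NMAS: SASL Mechanism [SAML] not available:
13:04:25 63C NMAS: Available SASL Mechanisms:
13:04:25 63C NMAS: [NMAS_LOGIN]
13:04:25 63C NMAS: [EXTERNAL]
13:04:25 63C NMAS: [DIGEST-MD5]
13:04:25 63C NMAS: 17825854: ERROR: -1693 SASL_DoMechanism:
NMAS_InvokeMechanism
13:04:25 63C LDAP: Failed to authenticate full context on connection
0x13369b20, err = -1693 (0xfffff963)
"""

RECORD = re.compile(r"^(\d\d:\d\d:\d\d) ([0-9A-Fa-f]+) (\w+): (.*)$")
MISSING = re.compile(r"SASL Mechanism \[([^\]]+)\] not available")
OFFERED = re.compile(r"^\[([^\]]+)\]$")
ERROR = re.compile(r"ERROR: (-\d+)")

def unwrap(text):
    """Rejoin wrapped continuation lines (no timestamp) onto the previous record."""
    records = []
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        if RECORD.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def find_unavailable_mechanisms(text):
    """Return one finding per 'SASL Mechanism [X] not available' event."""
    findings, current = [], None
    for rec in unwrap(text):
        m = RECORD.match(rec)
        if not m or m.group(3) != "NMAS":
            continue  # only NMAS records are relevant here
        ts, thread, _, msg = m.groups()
        hit = MISSING.search(msg)
        if hit:
            current = {"time": ts, "thread": thread, "requested": hit.group(1),
                       "available": [], "errors": []}
            findings.append(current)
        elif current and current["thread"] == thread:
            if OFFERED.match(msg):
                current["available"].append(OFFERED.match(msg).group(1))
            elif ERROR.search(msg):
                current["errors"].append(int(ERROR.search(msg).group(1)))
    return findings
```

Running `find_unavailable_mechanisms` over a saved trace file shows at a glance whether the requested mechanism is missing from the list the server advertises.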