Skip to main content
This forum is closed to new posts and responses. New discussions are now taking place in the IBM Developer Answers forum.
 
developerWorks
AIX and UNIX
Information Mgmt
Lotus
New to Lotus
Products
How to buy
Downloads
Live demos
Technical library
Training
Support
Forums & community
Events
Rational
Tivoli
WebSphere
Java™ technology
Linux
Open source
SOA and Web services
Web development
XML
My developerWorks
About dW
Submit content
Feedback



developerWorks  >  Lotus  >  Forums & community  >  IBM Sametime Forum

IBM Sametime Forum

developerWorks

  

PreviousPrevious NextNext

RE: SSO with meeting server
Ben Williams 15.May.14 09:40 AM Lotus Notes
Administration 9.0 Windows


A customer queried something similar. If it is the same cause then it is due to managed-settings.xml not being configured to cater for older clients. What version of the client are you using?

*******************

The problem is that the managed-settings.xml is not configured correctly for SSO to work for all versions of the embedded Sametime client.

Once my VPN was working I could happily reproduce the problem. What is configured to happen is that I login to the Community server. Once logged in the Sametime client stores an LTPAToken obtained from the Community server. This LTPAToken can be used by other IBM software that uses the same LDAP and DNS domain.

The reason why it is not working for me is because loginByToken=true is missing from managed-settings.xml so that my version of the client will not attempt to use the LTPAToken obtained from the Community server. I added loginByToken=true to C:\Program Files\IBM\Lotus\Notes\Data\workspace\.metadata\.plugins\org.eclipse.core.runtime\.settings\com.ibm.rtc.meetings.shelf.prefs and on restart on the Notes client I was automatically logged into the Meeting client (after signing into the Community server).

IBM documentation says that loginByToken=true is not required in the Sametime client version 8.5.2. I am using Notes 8.5.3 which has Sametime 8.5.1 embedded hence why it fails. It might be possible that the same is true of your users who have reported this and the test I have detailed above is valid and can be used on these users.

If you add loginByToken=true to com.ibm.rtc.meetings.shelf.prefs and start the Notes client for those affected people then you know what works for me works for them.

If you can confirm that then the following approach can be taken to apply to all users regardless of client version though you will want to test this first of all before updating the managed-settings.xml used by the default Sametime policy.
  • Back up \Lotus\Domino\Data\domino\html\update\managed-settings.xml
  • Under "<settingGroup name="com.ibm.rtc.meetings.shelf" lastModDate="20130424T000001Z">" add "<setting name="loginByToken" value="true" isLocked="you decide" /> " deciding on whether you want to enforce this.
  • Save the xml.
  • Test the Notes client. You may need to delete your workspace (C:\Program Files\IBM\Lotus\Notes\Data\workspace) directory to pick up the changes.
  • You may also want to change the lastModDate date so that the client knows that there's been a change but you should test this behaviour on your clients first.

In the Sametime 8.5.2.1 wiki (link) it says (about loginByToken) under "release" "8.5 through 8.5.1.1. Not used in 8.5.2." It also goes onto say "If the community server and meeting server are configured in the same single sign-on domain, this key, when set to true, forces the meeting client to log in with the LTPA token from the community server. If the meeting server is configured to re-use the community server credentials, the client automatically attempts to log in with a user name and LTPA token before falling back to a user name and password. Note that clients running releases earlier than 8.5.2 can also use an LTPA token but do not attempt to do so automatically and have no fallback mechanism. This value cannot be applied to specific meeting servers. Because it is a global setting for all servers, do not use this value if you have these older clients and some community servers and meeting servers that are not configured for single sign-on."





SSO with meeting server (Klaus Gross 15.May.14)
. . RE: SSO with meeting server (Jim Reilly 15.May.14)
. . . . RE: SSO with meeting server (Klaus Gross 26.May.14)
. . . . RE: SSO with meeting server (Ben Williams 15.May.14)
. . RE: SSO with meeting server (Ben Williams 15.May.14)
. . . . RE: SSO with meeting server (Klaus Gross 19.May.14)
. . . . . . RE: SSO with meeting server (Ben Williams 19.May.14)


Document Options






  Document options
Print this pagePrint this page

Search this forum

Forum views and search


  Forum views and search
Date (threaded)
Date (flat)
With excerpt
Author
Category
Platform
Release
Advanced search

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS
More Lotus RSS feeds

Resources

 Resources
Forum use and etiquette
Native Notes Access
Web site Feedback

Lotus Support

 Lotus Support
IBM Support Portal - Lotus software
Lotus Support documents
Lotus support by product
Lotus support downloads
Lotus support RSS feeds

Wikis

 Wikis
IBM Composite Applications
IBM Mashup Center
IBM Connections
IBM Connections Cloud Developers
IBM Docs
IBM Forms
IBM Mobile Connect
IBM Sametime
IBM SmartCloud for Social Business
IBM Web Experience Factory
Lotus Domino
Lotus Domino Designer
Lotus Expeditor
Lotus Foundations
Lotus iNotes
Lotus Instructor Community Courseware
Lotus Notes
Lotus Notes & Domino Application Development
Lotus Notes Traveler
Lotus Protector
Lotus Quickr
Lotus Symphony
IBM Web Content Manager
WebSphere Portal

Lotus Forums


 Lotus Forums
Notes/Domino 9.0
Notes/Domino 8.5 + Traveler
Notes/Domino XPages development forum
Notes/Domino 8
Notes/Domino 6 and 7
IBM Connections
IBM Mobile Connect
IBM Sametime
IBM SmartCloud Notes
Lotus Enterprise Integration
Lotus Protector
Lotus Quickr
Lotus SmartSuite