SecureLogin Q and A
Novell Cool Solutions: Feature
Digg This -
Posted: 8 Mar 2006
SecureLogin Q and A
Q1 We have an application we want to work with SecureLogin, and the username to access this system is ALWAYS exactly the same as the user's loginname in NDS. Is there a way for me to copy this automatically into the $Username variable, without asking the user to do so?
A1 Instead of using the copy, try using the command Type ?SysUser(system) This variable holds the current ID of the user on the workstation.
Q2 Is there a definitive list of system variables used by SecureLogin?
A2 The ones I have recorded are:
?SysVersion(System) - SecureLogin SingleSign On version of the client (188.8.131.52 would translate as: 03000400)
?BrowserType(System) - Indicates in which browser the application definition is running
?SysUser(System) - The currently logged on user
?SysPassword(System) - The password of the currently logged on user
?SysContext(System) - Context of the currently logged on user
?SysTree(System) - Name of logged in Tree used by SecureLogin
?SysServer(System) - Server used to login to eDirectory (ripped from Client32 setting)
?CurrTime(System) - Current System Time
Q3 I would like to check if a user belongs to some group. NSL is unable to read multivalued directory attributes, so I have to create a program that will do that and call it form the script. Something like RUN f:\ismember.exe ?SysUser "APP1users" Suppose "ismember.exe" gives a return code or sets errorlevel to 1 if a selected user is a member, and 0 if not. How may I check the result of ismember.exe execution?
A3 What you can do is have your program pop up a message. My group just had to do that for a medical application. We renamed the executable to the same one as the current app uses and run it to check for something going through the tcp ip stack. When our condition is met, a box that says "WAHOO" pops up to notify us of a password change event. We capture that event and handle the situation. So, in short, try making ismmember put up a dialog box that SecureLogin can read from.
Q4 I have a browser that contains an activeX dialog. I can't really recognize the app as an explorer web address. How are these normally handled? I don't remember the application name coming up as anything different than iexplore.exe, which would mean that I would have to always monitor iexplore, which I really hope is overkill.
A4 Some apps do rely on ie to be the main application running. I have had to add code to the IEXPLORE.EXE script to make these work. However what I try to do is use the Include command and keep the script for the application stored on its own as a generic script.
Q5 After installing NSL on the TermServs, I expect that it will say they need to be rebooted. Does that need to be done immediately, or can it be delayed without any side-effects for users who log in between the install and the reboot? The requirement that the first login be an administrator - is that the first login after the install or the first login after the reboot?
A5 This all depends on which sections you install. There is a JAVA section for NSL that only gets installed on the reboot. If you don't install the Java piece then you may be able to get by without the Admin reboot. As long as nobody logs in directly to the server after the reboot and before you get in in the morning it shouldn't matter. You will have to modify the TS configuration anyway to support NSL when it loads the applications, so it will be a 2 stage process anyway.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com