Return to GCA Homepage
GCA Technology Services, Inc.

SSO, Synchronization and San Antonio

Posted October 21, 2009 by Preksha Sudhakar
SSO , Passlogix

Over the past two weeks, I've been helping a client upgrade users from Passlogix Single Sign-on (SSO) 6.05 to Passlogix SSO 7.0. Not only did I upgrade them to version 7.0, I also switched their log-on method from Windows v1 to Windows v2. Windows v2 provides a better and safer way of authenticating against AD. It does away with windows machine keys, does not attach itself to the GINA (like v1) and also uses a Passphrase question that only the user knows the answer to. This really helps prevent the case of forgotten passwords and help desk calls.

The upgrade got off to a rocky start, mainly because we set an entry in the registry for Windows Data Protection. This stops a user from logging on and using Single Sign-on for multiple machines. Essentially, the user gets tied to the first machine he logged on to. However, after taking this setting off, everything went smooth. Citrix servers can cause problems in many situations, as well. However, making sure that the credentials are not stored locally on the Citrix servers along with not storing data on user disk files helps get rid of most of the issues. One other thing to remember with Citrix servers is to eliminate the drive letter hard coding in the Global Agent Settings.

I also created VBScripts to save a backup of user credentials, if the user was on SSO 6, and get them to switch to v2 if they were on SSO 7. Using VBScripts to invoke command line instructions seems like a quick and easy way to accomplish what was needed. I even wrote a few lines to clear the registry and cache if the user had logged on to a machine before, so we would avoid synchronization errors. We are now into week three and everything is going great. Many users have switched to SSO 7 and there are no known issues! SSO 7 is definitely a better, enhanced version of the product. Even the interface has improved and is more user-friendly.

The best part though, was being in San Antonio, Texas, for two weeks while I implemented the solutions. San Antonio has a large Mexican influence, which makes the city quite unique. My hotel was located on the San Antonio River Walk, so I would see boats and watch as they went past my window. I couldn’t help but imagine how much fun they must be having! Plus, there are loads of venues and restaurants on either side of River Walk. The one that I chose to dine at served warm salsa with the tortilla chips, and I think they must have roasted the tomatoes and bell peppers. I've never even heard of warm salsa, but this was great. Even for breakfast, they serve salsa and Tabasco sauce on the side with eggs. And for lunch, my burger had guacamole and black beans. Seven pounds later, I'm still saying, “So, so tasty!”

Main Links

Search Blogs

Categories

Archives

Tag Cloud

idm project management professional services sun sso directory server authenitication windows social media passlogix marketing 2.0 virtualization vdi unix server security san risk management oracle openid netapp vtl netapp mysql microsoft ldap java ibm iam government exchange 2010 data flow strategy actividentity