Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SecureId protection for Sharepoint using ISA2006
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SecureId protection for Sharepoint using ISA2006 - 14.Aug.2006 10:26:01 PM
|
|
|
jwf1776
Posts: 7
Joined: 9.Feb.2004
Status: offline
|
I’m trying to setup a proof of concept demo of SecureId protection for Sharepoint using ISA2006 for Authentication.
I’ve setup SecureID AuthMangr on another computer and assigned a token to a test user “Jeremy”. I changed the ISA2006 system policy to allow SecureID communication to the SecureID server.
I downloaded the isa2006 sdtest util, installed it, and can verify authentication of the user Jeremy with the key fob OTP.
I setup a firewall rule using the sharepoint wizard to publish companyweb.domain.local, forward actual host header, apply to all requests, redirect to port 80, Weblistener is on a dedicated external IP, listens on port 443.
When web listener authentication is set to “Active Directory” authentication I can authenticate fine. When I set web listener to “SecureID” with “require all users to auth” “use rsa 5.0 name locking” and use separate user passcode pages” I get this:
“106: The Web server is busy. Try again later.”
So it appears that the publishing is configured correctly but something with SecureID isn’t correct. I haven’t been able to find reference to this ISA error by googling.
Can you assist me in troubleshooting this issue?
|
|
|
|
|
RE: SecureId protection for Sharepoint using ISA2006 - 15.Aug.2006 6:08:51 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Jeremy,
Try using SSL to SSL bridging, since that's the only secure configuration. Might work, might now -- but at least you haven't horked your security config with the dreaded SSL to HTTP bridging nightmare scenario.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: SecureId protection for Sharepoint using ISA2006 - 18.Aug.2006 9:00:50 PM
|
|
|
isaserver@moon.demon.nl
Posts: 20
Joined: 5.Jul.2003
Status: offline
|
Hi,
did you copy the sdconf.rec file to the %systemrot%/system32 folder? Did you create an RSA Agent host in ace server? Clear node secret on that host and activate rsa log monitor, see what error message you get.
Regards
|
|
|
|
|
RE: SecureId protection for Sharepoint using ISA2006 - 5.Oct.2006 11:14:04 PM
|
|
|
jayshaw91
Posts: 29
Joined: 5.Oct.2006
From: Livonia, Michigan
Status: offline
|
I'm having issues with this, also.
The problem is, me and the RSA dudes don't know what we're doing.
- We added the RSA agent host for my ISA server
- He created a *.rec file and that is now copied to the folder named below
The problem is, I don't know how to configure the web listener properly. On the listener, I go to Authentication, click Advanced, go to RSA SecurID tab and I don't have a clue what to do with the Name Locking checkbox (what's that for?), and how to Manage Domain Secret.
For the Domain Secret, I pointed to the *.rec file we copied to the system32 folder and when it asks for a password it won't take what I ender.
Also, it seems to want to find a *.sdi file. Um, yeah.
Help a clueless man out!
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
