Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Trusted Signon - ServiceCenter

Status
Not open for further replies.

jamesj2

Technical User
Mar 9, 2004
7
0
0
US
I am attempting to use the trusted signon in ServiceCenter but if a user logs in woth uppercase to the network, the ServiceCenter login prompt will pull in the ID as uppercase and fail. Is there a way to to pull in the trusted signon as lower case?

 
I am not sure if this will work but you can try this:

- Go into Forms Designer. The form is called "login.prompt.g".
- Set the Login ID field attribute CaseConversion=Lower.
 
Thanks, I attempted that but it did not seem to make a difference. The data is not being comitted to the field for some reason. It comes in as uppercase, but when I type inm the field, it forces lowercase.

 
I am not sure but am afraid the only way is to convert all logins in Servicenter to be uppercase. That way you'll have the match.

gr Willie
 
One issue with the trustedsignon functionality is that it does not seem very secure. A Peregrine KB document, number "S7N-002-1FNS" actually describes one method (and alludes to another one) on how the ServiceCenter security can be reached when trustedsignon is enabled. Basically the problem lies with what can happen if either:
1. a users domain login is not present in SC
2. a user creates a local login for a username that is a ServiceCenter administrator (such as "falcon")

Of above, scenario 1 is described in that document, and scenario 2 is referred to at the end of the document.

The document also states that an SCR (number 22443) has been issued on this defect, and that it is fixed in SC version 5.0.1 and later. However, when I tested this on SC5.1.1.0 running on my W2K laptop, I was able to login to SC without entering the password I had earlier set for falcon.

You might want to check this for yourself, and if you get the same results as I did, contact Peregrine before using this functionality. What I did to bypass the login screen:

1. add the trustedsignon parameter to sc.ini
2. start the SC service
3. login as an administrator and make sure that the administrator login has a password set
4. logout of SC (leave the service running)
5. go to e.g. the Control Panel and add a new local user to the system
NOTE 1: the username must correspond to the login of the administrator mentioned in step 3
NOTE 2: leave the password blank
5. right-click on the shortcut pointing to the SC client, and select "Properties"
6. select the "Shortcut" tab and tick the box "Run as a different user". Click OK.
8. launch the SC client. When W2K asks under which user do you want to run this program, enter the credentials of the user created in step 5.

best regards,

Jarmo
 
No, there is no way to get around this problem.

You could define all your SC users in uppercase within ServiceCenter. This will work as long as you stick to Win NT clients, but going to XP will give a variation over this theme, because then the users will have to logon to the domain in the same case as defined in ServiceCenter. Funny enough this only happens after the user is warned to change his password for the first time :)

I reported this XP thing to Peregrine 4 months ago. An enhancement requst #26210 has been raised.
 
Just got the following information from Peregrine regarding the security issue I posted above:

"The issue has been reported and SCR 23003 should correct it. This SCR is verified as fixed on release 5.1.2."

Nevertheless, if reading "S7N-002-1FNS", one might get the impression that the security flaws are fixed in version 5.0.1. This is clearly not the case, so if you are using this functionality...might be best to upgrade.

cheers,

Jarmo

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top