Hi All,
We are currently configuring Active directory to enable SSO with our existing CA Site minder using siteminder light approach.
Evrything is set from AD configuration "singleSignonOption" : IdentityMapping ,multiDomainTrees:True
From IIS side > Authentication > Allow analunymous access :enable.
When I am trying to login the cognos connection from my browser siteminder form appears when I entered the user id and password, again another login page appears .
how to eliminate this duplicate logon page ? any suggestions
Thanks, Karun
A guess :
Did you try to include the url in the trusted sites in the internet explorer options?
Tried . But no luck
Sounds like your missing the siteminder piece to setup the token. I'd check your siteminder config and ensure that's working. Fiddler/Wireshark helps to track the requests. Unfortunately I no longer work with Siteminder so I can't give you the exact things to check. Just going by my bad memory. ;)
Try again using private mode inside IE. Go to Tools > InPrivate Browsing
Hi Grim,
Thanks for your reply. We identified the issue with Siteminder user directory configuration which configured as of LDAP type.
When it is configured to pass REMOTE_USER variable, in session cookie SMSESSION may be it is passing different value other than 'sAMAccountName' which AD uses for SSO.
As per the IBM documentation , If we are configuring AD in Cognos side it expect site minder namespace also AD and work on REMOTE_USER variable.
Thanks , Karun
Hello Karun,
It is an old post, but we are seeing this same issue. Can you please tell me the details on Cognos Configuration side? The single Signon works when we access the environment using the Cognos Gateway, but when Siteminder Light mode is used to forward the request to Cognos Gateway, the single signon breaks somewhere. Do we have to add the SiteMinder atuhentication source to Cognos Configuration even in the light mode.
Regards,
Swetab