1 2 3 Previous Next 34 Replies Latest reply: Apr 14, 2011 6:37 PM by 838745 Go to original post RSS
      • 30. Re: Assigned User Profile / AD groups /
        DeanyDean
        Hi Habib,

        To make sure there's no data on your client that references the old SGD external name, you should clear the IE8 browser cache and also clear out any SGD client profiles from your client machine. Client profiles can be found at:

        Windows 7: USER_HOME_DIR/AppData/Local/Sun/SSGD/profile.xml

        Removing this file will clear out any existing SGD client profiles.

        Does this fix your client issue with IE8 and Firefox?

        Matt
        • 31. Re: Assigned User Profile / AD groups /
          838745
          Hi Matt,

          I deleted the profile.xml file, still no success. Just FYi, this Windows 7 machine was freh installed any way and also i didn't have Firefox and Safari installed until you asked about the client platform.

          Sorry. In your previous post you asked me:

          when you editted the "External DNS Name" config, was this done from the SGD Admin Console?

          and I forgot to respond. Yes, I made that change in "SGD Admin Console" via the browser.

          And talking about 'SGD Admin Console', I am not sure if it matters to know but I could log in to 'SGD Admin Console' even when I can't login as end user.

          Thanks again for all the help.

          Habib.
          • 32. Re: Assigned User Profile / AD groups /
            838745
            Here is the good news. After installing the 'Self-Signed SSL Certificate' using

            tarantella security selfsign

            I was able to pass the error message and able to logon to SGD.

            Bad news is I am still seeing the application that I am not suppose to see.

            Any other suggestion?

            in the mean time, I am reviewing the 'Effective User Profile'. LDAP assignment looks OK, but 'Local Assignments' showing 'LDAP Profile' and 'NT User Profile'. I am wonder these two profiles may be causing the issue?

            Thanks again.

            Habib.
            • 33. Re: Assigned User Profile / AD groups /
              DeanyDean
              Hi Habib,

              If you are logged in as an LDAP user and you haven't created any custom user profiles, the user will be using the "LDAP Profile" so if the app is assigned directly to the LDAP Profile the user should see application on the webtop. If your AD user isn't seeing the app, then you should check the profile the user is using (webtop -> info -> detailed diagnostics -> user -> profile). Can you confirm that it's the LDAP Profile?

              If you want to assign the application to only members of an AD group then you shouldn't assign the application directly to the LDAP Profile. Here are the docs for LDAP/AD group app assignment:

              http://download.oracle.com/docs/cd/E19141-01/820-6689/chapter3.html#d0e14960

              Matt
              • 34. Re: Assigned User Profile / AD groups /
                838745
                Hi Matt,

                Here is the output:


                User :
                .../_service/sco/tta/ldapcache/CN=Habibullah\, Mohammad,OU=Desktop,OU=Mobile and Administrative Workstations with Special Exemptions,DC=HS,DC=UCI,DC=EDU
                Profile :
                .../_ens/o=Tarantella System Objects/cn=LDAP Profile


                You are right, goal is to assign certain applications to only members of certain AD groups. I am looking at the link you provided and got somewhat more confuse. I am not clear how to achieve this goal. I will go over it again to see what did I miss.

                Thanks again.

                Habib.
                1 2 3 Previous Next