This content has been marked as final. Show 34 replies
To make sure there's no data on your client that references the old SGD external name, you should clear the IE8 browser cache and also clear out any SGD client profiles from your client machine. Client profiles can be found at:
Windows 7: USER_HOME_DIR/AppData/Local/Sun/SSGD/profile.xml
Removing this file will clear out any existing SGD client profiles.
Does this fix your client issue with IE8 and Firefox?
I deleted the profile.xml file, still no success. Just FYi, this Windows 7 machine was freh installed any way and also i didn't have Firefox and Safari installed until you asked about the client platform.
Sorry. In your previous post you asked me:
when you editted the "External DNS Name" config, was this done from the SGD Admin Console?
and I forgot to respond. Yes, I made that change in "SGD Admin Console" via the browser.
And talking about 'SGD Admin Console', I am not sure if it matters to know but I could log in to 'SGD Admin Console' even when I can't login as end user.
Thanks again for all the help.
Here is the good news. After installing the 'Self-Signed SSL Certificate' using
tarantella security selfsign
I was able to pass the error message and able to logon to SGD.
Bad news is I am still seeing the application that I am not suppose to see.
Any other suggestion?
in the mean time, I am reviewing the 'Effective User Profile'. LDAP assignment looks OK, but 'Local Assignments' showing 'LDAP Profile' and 'NT User Profile'. I am wonder these two profiles may be causing the issue?
If you are logged in as an LDAP user and you haven't created any custom user profiles, the user will be using the "LDAP Profile" so if the app is assigned directly to the LDAP Profile the user should see application on the webtop. If your AD user isn't seeing the app, then you should check the profile the user is using (webtop -> info -> detailed diagnostics -> user -> profile). Can you confirm that it's the LDAP Profile?
If you want to assign the application to only members of an AD group then you shouldn't assign the application directly to the LDAP Profile. Here are the docs for LDAP/AD group app assignment:
Here is the output:
.../_service/sco/tta/ldapcache/CN=Habibullah\, Mohammad,OU=Desktop,OU=Mobile and Administrative Workstations with Special Exemptions,DC=HS,DC=UCI,DC=EDU
.../_ens/o=Tarantella System Objects/cn=LDAP Profile
You are right, goal is to assign certain applications to only members of certain AD groups. I am looking at the link you provided and got somewhat more confuse. I am not clear how to achieve this goal. I will go over it again to see what did I miss.