Oh right, the Air Force/dod modified the schema in the AD network, and added the field..
On Wed, Jun 5, 2013 at 9:58 AM, Hennigan, Sandra <[email protected]>wrote: > ** > > No, unfortunately not free. I’m not sure what the cost is now. **** > > ** ** > > We deployed it early in 2011 with 7.6. With the rollout of the new app, it > made more sense at the time to purchase a known entity for CAC SSO then to > spend time trying to build one. The EDIPI was parked in the Corporate ID > field; email address was the Remedy Login Name.**** > > ** ** > > Thank you,**** > > ** ** > > Sandra Hennigan**** > > Remedy Developer**** > > ** ** > > *From:* Action Request System discussion list(ARSList) [mailto: > [email protected]] *On Behalf Of *patrick zandi > *Sent:* Wednesday, June 05, 2013 9:55 AM > > *To:* [email protected] > *Subject:* Re: Remedy SSO Login with CaC**** > > ** ** > > ** **** > > is it free? and can you email me that ?**** > > the EDIPI is usually in the AD schema (there should be a location to put > that) the AD network bumps against that in the authentication.. **** > > normally, your CAC person sends in the EDIPI to the NOC and they plug in > that into your AD network.. **** > > ** ** > > On Wed, Jun 5, 2013 at 9:51 AM, Hennigan, Sandra < > [email protected]> wrote:**** > > ** **** > > Dan,**** > > **** > > RightStar has a plugin that supports CAC and single-sign-on.**** > > **** > > Thank you,**** > > **** > > Sandra Hennigan**** > > Remedy Developer**** > > **** > > *From:* Action Request System discussion list(ARSList) [mailto: > [email protected]] *On Behalf Of *Dan > *Sent:* Wednesday, June 05, 2013 9:34 AM > *To:* [email protected] > *Subject:* Re: Remedy SSO Login with CaC**** > > **** > > ** Unfortunately we do not have anyone with Java or API knowledge on > staff. I was hoping that someone on the list could point me in the right > direction or provide some help with the solution. > > Thanks for the reply though, at least now I know there is a fix out there > and it just needs to be configured and applied. > > > v/r > > Dan > > On Wednesday, June 5, 2013 9:10:56 AM UTC-4, Longwing, Lj wrote:**** > > ** **** > > Dan,**** > > I currently work with a customized community sso version that was modified > to take what is given to it and cross reference it with the corporate id of > the user gather the user id of that user from the person form, and then > pass that to the Remedy server.....so I say a definitive 'yes' to your > question...Java could easily parse the entire CAC String and then do the > lookup for user id and then pass that into Remedy...it just takes someone > with relatively basic Java skills (and some API knowledge maybe) to get it > done...**** > > **** > > On Wed, Jun 5, 2013 at 6:53 AM, Dan <[email protected]> wrote:**** > > ** Listers, > > Environment > > Remedy 7.6.04 SP2 > Midtier 7.6.04 SP4 > Windows 2008 R2 Servers > SQL database > > > I work within the DoD and we have been told to move over to CAC > authentication. I have installed Atrium SSO, configured it and with the > help of the Hotfix provided by Remedy, which allows to map SSO usernames to > Remedy Usernames, have it basically working. > > Here is my problem. Atrium SSO uses the full Common Name off of the CAC, > i.e. LASTNAME.FIRSTNAME.MI.EDIPINUMBER, when it creates its users and this > is what it passes to Remedy when logging in users. I can store that in the > mapping file that maps it to the users but we currently have around 10k > users in our system. First off getting all 10k users to provide the CN > from thier CAC's would be near impossible not to mention maintaining the > mapping file. > > What I would like to know is have any of you created or come a cross a way > to strip off the LASTNAME.FIRSTNAME.MI from the CN and just pass the EDIPI > number to remedy. I can pull that from my Active Directory to update the > mapping file if needed. > > The next question is have any of you created or come across a way to store > the EDIPI number in the People form, like in the Corporate ID field, and > have the mid-tier cross reference the EDIPI number or CN to that field and > then log in the user with their username. > Any help would be greatly appreciated. > v/r > > Dan Pritchard _ARSlist: "Where the Answers Are" and have been for 20 years_ > **** > > **** > > _ARSlist: "Where the Answers Are" and have been for 20 years_ **** > > _ARSlist: "Where the Answers Are" and have been for 20 years_**** > > _ARSlist: "Where the Answers Are" and have been for 20 years_ **** > > > > > -- > Patrick Zandi **** > > _ARSlist: "Where the Answers Are" and have been for 20 years_ **** > _ARSlist: "Where the Answers Are" and have been for 20 years_ > -- Patrick Zandi _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
