This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Manny Minnuplopader
Jan 14, 2014, 3:11 PM
4 Posts

SAML NFL MULTIUSER-Installation CITRIX=1

  • Category: Administration
  • Platform: IBM i
  • Release: 9.0.1
  • Role: Administrator
  • Tags: SAML notes client federated login
  • Replies: 5

Hallo,

I'm working with the Client DEBUG-Parameter AdminCamp 2013 from 24.09.2013.

New Situation: in a normal SingleUserInstallation NFL works fine !!

In XENAPP MultiUserEnvironment I've an Extra: Integrating the SAML-Certifikats into the deploy.nsf before setup.

Now the client log looks a little bit nicer:

[0FDC:0002-0E7C] 14.01.2014 16:02:01,73 CheckForNFLEnablementFromMediaKit> Enabled NFL for client setup
[0FDC:0002-0E7C] 14.01.2014 16:02:03,09 CTrustMgmt::CopyCertsFromMediaKit> Enabled NFL on client
[0FDC:0002-0E7C] 14.01.2014 16:02:03,09 CTrustMgmt::CopyCerts> Running CopyCerts
[0FDC:0002-0E7C] 14.01.2014 16:02:03,09 CTrustMgmt::BuildCache> Building cache
[0FDC:0002-0E7C] 14.01.2014 16:02:03,36 CTrustMgmt::ProcessOneCert> Copied cert or cross cert doc with source note id 0x9CE
[0FDC:0002-0E7C] 14.01.2014 16:02:03,36 CTrustMgmt::ProcessOneCert> Copied cert or cross cert doc with source note id 0x9D2
[0FDC:0002-0E7C] 14.01.2014 16:02:03,36 CTrustMgmt::ProcessOneCert> Cross Certificate is not in the hierarchy for this user: 0x9D6
[0FDC:0002-0E7C] 14.01.2014 16:02:03,53 DeskManageNFLState> Client not launched in NFL supported mode

has anybody done this before ?

Best regards

Frank Monien

~Autumn Quethipiskioden
Jan 15, 2014, 2:57 PM
18 Posts
I can't see a benefit of deploying the inet cross cert using deploy.nsf, ...
, because NFL has to be activated by using a security policy.
This said, for first time setup you have to use the Notes ID password, pull the security policy and activate NFL.
Further more, you have to deploy not only the INet Cross cert, but the notes certs, too.
So, what is the behavior when deploying the INet Cross cert using a security policy?

This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal