This may be challenging if you have not configured Access Manager as an SP before, but the screen shots should help guide you in this configuration. Determine the actual GroupWise group name to which the user needs to added or removed. Adjust them as required to match the use case in your environment as in the example policies, particular description attribute values are used to trigger the needed actions for demonstration purposes. Access Manager , Technical Solutions. I forgot to mention this in the original post, but there is a known issue with the IDP losing the redirect when using a post authentication method.
|Date Added:||4 August 2012|
|File Size:||54.97 Mb|
|Operating Systems:||Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X|
|Price:||Free* [*Free Regsitration Required]|
The attachment provided in this article contains IDM custom jar file and IDM package that are needed to demonstrate the photo feature. This can be determined in means that best suits your business use case. groupwixe
First, create a path or domain based accelerator and point it to your WebAccess server. Without the association value a group modify event will fail in the shim. Be sure to test in a non-production environment.
Firstly follow the steps outlined in the mentioned article to setup the connection to GroupWise R2 and above. The association value is essential for the group modify to be successful in GroupWise system. This iidm be challenging if you have not configured Access Manager as an SP before, but the screen shots should help guide you in this configuration. I forgot to mention this in the original post, but there is a imd issue with the IDP losing the redirect when using a post authentication method.
Hope this helps and please leave any comments on any improvements that you think can benefit others. If anyone needs to use this, then they must add their own conditions for which this solution needs to be triggered. A few are listed here:. Once you have applied 201 settings, you should be able to access the accelerator address, log into your IDP, and see your mailbox in WebAccess.
A query needs to be sent to GroupWise system to 20114 for a group with a matching CN. If you were able to access the protected resource, congratulations!
Groupwise REST driver fails to add user – return status code:
Groupwise Read me. This tutorial has three main components: CloudAccess and Access Manager can use different user stores, as long as you can find an attribute that is consistent grouwise them. Be sure to test in a non-production environment.
Hence in the solution policy included below the condition part is skipped and only rule actions will be discussed.
The bug is still open, but I have posted a workaround on the forums:. This will allow one touch access to everything protected by Access Manager, including WebAccess. At this point, you should be able to test the federation by logging into CloudAccess from your desktop and selecting the NAM AppMark that you configured.
Missing or incorrect certificate in IDP trust store Contract not satisfiable by external provider Incorrect attribute mapping Troubleshooting is outside the scope of this tutorial, but the SAML tracer Firefox extension and the IDP logs can be quite valuable tools for identifying other issues.
Access ManagerTechnical Solutions.
Groupwise 2014 REST driver fails to add user – return status code: 404
By itself, this is a nice feature to have enabled because it adds a layer of protection for the WebAccess server, and it is convenient for desktop users. This feature is particularly useful for BYOD situations, such as when an employee wishes to access GroupWise, but does not wish to have corporate restrictions or store their corporate password on their personal device. After this is done, configure an identity injection for Access Manager to inject the username and password into an authorization header and enable this for the protected resource see related screen shot.
It just worked for at least one person, and perhaps it will be useful for you too. February 10, at 2: These options are outlined in the first two images below.
Leave a Reply Cancel reply You must be logged in to post a comment. You must be logged in to post a comment. Once you have made it this far, the last step is configuring the WebAccess AppMark. It just worked for at least one person, and perhaps it will be useful for you too.
However since the number of groups were high in number, it was a requirement from one of our customers to be able to manage GroupWise distribution list membership without enabling the group object sync in the IDM connector filter.
If anyone needs to use this, then they must add their own conditions for which this solution needs to be triggered Logic: