Hello,
we are using an EP v7 SP12 and Lotus Domino v6.5.4.
We had a fine SSO configuration between our portal ("portal.saras.it") and our Lotus system ("mail.saras.it").
But when we changed the portal domain in "portal.sarasgroup.dom" the SSO with Lotus didn't work fine.
We thought that the problem could be the different domain suffix, so we tried to do an SSO configuration with another server Lotus (a test server) "mailTest.cagliari.saras.sarasgroup.dom" (the "names.nsf" database is linked from domain "saras.it").
- We extracted and imported the dll (ds_ticket.dll, sapsecu.dll, wpsso_v3.dll) and the "verify.pse" file.
- we configured "DSAPI Filter" adding the path of "ds_ticket.dll"
- We added the value "MySapPsePath = F:\Domino\SAP\verify.pse" in the "notes.ini" file
- Writing in the server domino console "show configuration MySapPsePath" the path is verifyed succesfully.
- The portal Test User (T000001) is mapped as alias in a Lotus user profile
- We set the Domino installation path as environment variable in Lotus Server OS (windows 2003)
Trying to acces from the portal, the SSO doesn't work, a login page appears.
And in the Lotus Server Console is showed the message:
"Current AuthData: User = ,InCache = 0, PreAuth = 0, Flags = 3F
SSO Ticket found, 484 bytes
Found sap_user = T000001
sap_user: T000001 Ticket is invalid or expired
SAP Ticketverifier Error: invalid ticket.
SAP Ticketverifier Message: falling back to Lotus Domino Authentication"
So the portal user ID is recognised by Lous System, but the ticket is invalid...
Are we missing some configurations???
Why the Lotus system recognises T000001 but doesn't accept the ticket?
Please help us!! 😀