9 Replies Latest reply on Mar 20, 2009 12:48 PM by Christopher-Boston

    iPass and SSO

      Hi !

      I just can't figure out what entries to add to get the SSO feature running with iPass 3.5 :confused:. Has possibly someone a sbgina.ini with the entries for the iPass GINA?

      Thx
        • 1. RE: iPass and SSO
          post the sbgina dump here and I'll suggest (or mail it to me).
          • 2. SBGINA.ini dump
            Sorry, I don't know your email - so I post the sbgina.ini we are currently using on our 2000+ devices. I had to remove most of the comments, as the editor complained about the length of the post ...


            --------------------------------
            [Global]
            ;Version 4740

            Trace.LogonWindowInfo=No
            Trace.FileName=LOGONWND.TXT

            Option.UnlockWorkstationMode=SbWindowsSso

            Option.AllowSsoCancel=Yes

            [Windows.NT.Logon]

            Window1=MSGina.NT4.LogonDialog
            Window2=MSGina.W2K.LogonDialog
            Window3=MSGina.XP.LogonDialog
            Window4=MSGina.WIN2003.LogonDialog
            Window5=NWGina.NT.LogonDialog
            Window6=NWGinaJP.NT.LogonDialog
            Window7=FSSGina.XP.LogonDialog
            Window8=CSGina.W2K.LogonDialog
            Window9=CSCOGina.W2K.LogonDialog
            Window10=ODYGINA.W2K.LogonDialog
            Window11=NWGina.BIA.LogonDialog

            [Windows.NT.Locked]

            Window1=MSGina.XP.LockedDialog
            Window2=FSSGina.XP.LockedDialog
            Window3=NWGina.BIA.LockedDialog

            [Windows.9x.Logon]

            Window1=MSNP.9x.LogonDialog
            Window2=NWNP.9x.LogonDialog
            window3=NWNPJP.9x.LogonDialog


            ;----------------------------------------------------------------------------
            ; The logon window definition sections for NT/W2K/XP
            ;
            [MSGina.NT4.LogonDialog]

            OS.MajorVersion=4
            OS.MinorVersion=Any

            OrigDll.Name=MSGINA.DLL
            OrigDll.FileVersion=x.x.x.x

            Window.Title=Any
            Window.Class=#32770

            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1453
            Dlg.CtrlId.Password=1454
            Dlg.CtrlId.Domain=1455

            Option.CaptureFromDlg=Yes

            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2


            [MSGina.W2K.LogonDialog]
            OS.MajorVersion=5
            OS.MinorVersion=0
            OrigDll.Name=MSGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=No
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [CSCOGINA.W2K.LogonDialog]
            ;This section for Ciscos Gina for Windows 2000 which is the same as the standard one, but
            ;has a different extention.
            OS.MajorVersion=5
            OS.MinorVersion=0
            OrigDll.Name=CSCOGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=No
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [ODYGINA.W2K.LogonDialog]
            OS.MajorVersion=5
            OS.MinorVersion=0
            OrigDll.Name=ODYGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=No
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [CSGina.W2K.LogonDialog]
            ;This section for Ciscos Gina for Windows 2000 which is the same as the standard one, but
            ;has a different extention.
            OS.MajorVersion=5
            OS.MinorVersion=0
            OrigDll.Name=CSGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=No
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2


            [MSGina.XP.LogonDialog]
            OS.MajorVersion=5
            OS.MinorVersion=01
            OrigDll.Name=MSGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [MSGina.XP.LockedDialog]
            OS.MajorVersion=5
            OS.MinorVersion=01
            OrigDll.Name=MSGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1953
            Dlg.CtrlId.Password=1954
            Dlg.CtrlId.Domain=1956
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [MSGina.WIN2003.LogonDialog]
            OS.MajorVersion=5
            OS.MinorVersion=02
            OrigDll.Name=MSGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2


            [NWGina.NT.LogonDialog]
            OS.MajorVersion=Any
            OS.MinorVersion=Any
            OrigDll.Name=NWGINA.DLL
            OrigDll.FileVersion=x.x.x.x
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1202
            Dlg.CtrlId.Password=1204
            Dlg.CtrlId.Domain=1001
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=0

            [NWGinaJP.NT.LogonDialog]
            OS.MajorVersion=Any
            OS.MinorVersion=Any
            OrigDll.Name=NWGINA.DLL
            OrigDll.FileVersion=x.x.x.x
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=3002
            Dlg.CtrlId.Password=3004
            Dlg.CtrlId.Domain=1001
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=0

            [FSSGina.XP.LogonDialog]
            OS.MajorVersion=5
            OS.MinorVersion=01
            OrigDll.Name=FSSGINA.DLL
            Window.Title=Any
            Window.Class=Any
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=0
            Dlg.CtrlId.Password=1001
            Dlg.CtrlId.Domain=0
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=2

            [FSSGina.XP.LockedDialog]
            ;This Section for Macnica specifc FSS Gina
            OS.MajorVersion=5
            OS.MinorVersion=01
            OrigDll.Name=FSSGINA.DLL
            Window.Title=Any
            Window.Class=Any
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=0
            Dlg.CtrlId.Password=1001
            Dlg.CtrlId.Domain=0
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=2


            [NWGina.BIA.LogonDialog]
            OS.MajorVersion=Any
            OS.MinorVersion=Any
            OrigDll.Name=NWGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1502
            Dlg.CtrlId.Password=1503
            Dlg.CtrlId.Domain=1504
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            [NWGina.BIA.LockedDialog]
            OS.MajorVersion=Any
            OS.MinorVersion=Any
            OrigDll.Name=NWGINA.DLL
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1953
            Dlg.CtrlId.Password=1954
            Dlg.CtrlId.Domain=1956
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=2

            ;----------------------------------------------------------------------------
            ; The logon window definition sections for Win9x/ME
            ;
            [MSNP.9x.LogonDialog]
            OS.MajorVersion=4
            OS.MinorVersion=Any
            OrigDll.Name=MSNP32.DLL
            OrigDll.FileVersion=x.x.x.x
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=21
            Dlg.CtrlId.Password=23
            Dlg.CtrlId.Domain=25
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=0
            Option.EntryMode.Domain=0

            [NWNP.9x.LogonDialog]
            OS.MajorVersion=4
            OS.MinorVersion=Any
            OrigDll.Name=NOVELLNP.DLL
            OrigDll.FileVersion=x.x.x.x
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=1202
            Dlg.CtrlId.Password=1204
            Dlg.CtrlId.Domain=1001
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=0

            [NWNPJP.9x.LogonDialog]
            OS.MajorVersion=4
            OS.MinorVersion=Any
            OrigDll.Name=NOVELLNP.DLL
            OrigDll.FileVersion=x.x.x.x
            Window.Title=Any
            Window.Class=#32770
            Dlg.CtrlId.OK=1
            Dlg.CtrlId.UserName=3002
            Dlg.CtrlId.Password=3004
            Dlg.CtrlId.Domain=1001
            Option.CaptureFromDlg=Yes
            Option.EntryMode.UserName=0
            Option.EntryMode.Password=1
            Option.EntryMode.Domain=0
            • 3. RE: SBGINA.ini dump
              I already have sbgina.ini (I wrote most of it). :p

              it's the trace file I need. (see top few lines).

              Simon.
              • 4. RE: SBGINA.ini dump
                GSI: Change the following:
                Trace.LogonWindowInfo=No

                to
                Trace.LogonWindowInfo=Yes


                Then the LOGONWND.TXT is the file that Simon is looking for.
                • 5. RE: SBGINA.ini dump
                  That's my real problem ! When SafeBoot is installed on the Workstation, I cannot install iPass 3.5 - it says there is an incompatible GINA and stops the installer. When I install iPass first and then SafeBoot afterwards, iPass is kind of blanked out (at least it seems to be) of the GINA chaining. So the Tracefile contains nothing useful about the iPass GINA. I hoped that there is someone out there, who has a sbgina.ini WITH the iPass sections ...
                  • 6. RE: SBGINA.ini dump
                    The trace from a machine that has the other GINA installed will provide McAfee the info they need to help. Change the NO to a YES, reboot, login, and then post that log. I'll point you to a few resources later when I'm not on my mobile to explain it a bit better, but that's the first step.
                    • 7. RE: SBGINA.ini dump
                      if Ipass is saying it can't install, then really you need to speak to them about this.

                      You will need to install EEPC last though, as we have to be in charge to do the Windows Logon.

                      are you sure iPass is blanked out of the trace? We simply shim the existing gina, we don't replace it or do anything else.
                      • 8. RE: SBGINA.ini dump
                        Yes, after the installation of SafeBoot the iPassLLGina.dll gets unchained ! I added this DLL again into the chain and finally I've been able to create a trace with the entries from iPassGINA. After some doing some "comparative behavioral research" I believe that I've found a solution which works.

                        I added the following sections and entries into the sbgina.ini:

                        .
                        Window12=iPass.BIA.LogonDialog
                        .
                        [iPass.BIA.LogonDialog]
                        OS.MajorVersion=Any
                        OS.MinorVersion=Any
                        OrigDll.Name=iPassLLGina.dll
                        Window.Title=Any
                        Window.Class=#32770
                        Dlg.CtrlId.OK=1
                        Dlg.CtrlId.UserName=2002
                        Dlg.CtrlId.Password=2003
                        Dlg.CtrlId.Domain=2004
                        Option.CaptureFromDlg=Yes
                        Option.EntryMode.UserName=0
                        Option.EntryMode.Password=0
                        Option.EntryMode.Domain=2
                        .
                        .

                        After a restart of my test device the SSO feature worked perfectly and also a relogon to XP was successful. If there might be some other things I should do, please let me know.

                        Thanks for your efforts and help, I really appreciate it !:o
                        • 9. RE: SBGINA.ini dump
                          You also want to test a local password change, both forced (users password expires) and also on demand (user presses CTRL+ALT+DELETE->Change Password). It should work, but you want to make sure that SafeBoot is picking up on the change and that on your next reboot you can use your new password.