Noodle can be setup for SPNEGO SSO with IWA directly or via onelogin / okta.
The service user specified in the AD settings of Noodle along with the URL is used for IWA. Note that:
- Associate the service account with the SPN
- setspn -U -S HTTP/noodle.domain.tld@DOMAIN.TLD service_account
- setspn -A HTTP/noodle.domain.tld service_account # on Windows server 2008R2
- Add the URL to the Intranet zone in IE settings
- Use http[s]://noodle.domain.tld/SPNEGO.po for IWA
- Logins from the AD Kerbose Server itself are not supported because Windows will attempt NTLM
- On local installs non-primary domains can be used with IWA by placing IgnoreIWADomain = true into internet.conf
Noodle can be setup for SAML SSO via onelogin / okta / etc.
- Paste the URL and fingerprint from your IDP in the Noodle SSO settings
- Use http[s]://noodle.domain.tld/SAML.po
- OneLogin > add app > test connector (idp)
- ACS (Consumer) URL Validator* = .*
- ACS (Consumer) URL* = https://$YOUR_SITE.intra.net/SAML.po
- NameID (fka Email) = Email
- copy relevant information and paste into Noodle
For non managed users there is also an option to use a shortcut and a cookie:
- Add a web shortcut to the users startup
- Enable the "Noodle>System Tools>Settings>User Settings>Remember my login information" feature
- This option will ask for a password if the user ever clicks logout.
- A link can be downloaded from the profile page.
This page is for those who host on their own Windows server and are trying to diagnose the cause of a 404.
- If your browser on the server is displaying the page (http://127.0.0.1) properly, it's a networking problem:
- check port forwarding, routing, firewalls, and dns on the server, client, and every device inbetween.
- If your browser on the server is displaying the wrong page or anything other than a timeout, it's a service conflict (multiserver.log contains "Address already in use"):
- Use a different port or stop and disable other services using port 80.
- Windows - built in:
- sc config http start= disabled
- net stop http /y
- Linux - list what is using the port:
- netstat -lnp | grep ":80"
- If /logs/err.log said it can't find a class:
- use 7z to check no jar files are corrupted.
- If there is no multiserver.log it's a .bat or Java problem:
- run the intranet.bat one line at a time to isolate the problem.
- reinstall Java and update intranet.bat to the new java.exe .
- If there is no java.exe in the task manager it's a config problem:
- look in the log file for errors.
- run a copy of intranet.bat without the loop or exit to find errors not in the log.
If there are any Active Directory issues restart the Noodle service to get a clean log.
If you see something like this in the log file:
2012.12.12 12:12:12: .intranet,ERROR: Can't authenticate to configured LDAP server
2012.12.12 12:12:12: .intranet,ERROR: javax.naming.AuthenticationException:
[LDAP: error code <strong>49</strong> - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data <strong>52e</strong>, v1db0 ]
The part in the square brackets is your Active Directory trying to tell you what went wrong.
525 user not found
52e invalid credentials
530 not permitted to logon at this time
531 not permitted to logon at this workstation
532 password expired
533 account disabled
701 account expired
773 user must reset password
775 user account locked
More Active Directory Troubleshooting information on MSDN
There is a limitation of the PostgreSQL installer if you are using windows domains.
The installer will need to make a posgres user that have write permissions on %PROGRAMFILES%\Postgres.
If the PostgreSQL is/will-be unable to do so, please setup the permissions beforehand. Adding write for "Everyone" or adding rights for a new postgres user with the the default password Pgsq1p@ssword will avert this limitation.
If you tried a normal noodle install and you have a black "upgrade in progress" screen then this is likely the problem. There is no need to reinstall noodle; just uninstall PostgreSQL, set up the permissions, download the PGInstaller and reinstall PostgreSQL.
After you install PostgreSQL you will need to edit the pg_hba.conf and make sure there is a "127.0.0.1/32 password" line.
Next run the init.sql in the Noodle folder with PGAdmin3 one line at a time.
Restart the PostgreSQL then Noodle service.
There are numerous backup methods generally complete or partial, run hot or cold.
A simple method is a cold complete backup:
- Stop Noodle
- Stop the database
- Copy the database folder and the Noodle folder to a different disk
- Start the database
- Start Noodle
- Send the copy to a different physical location
More options for database backups include:
- Hot complete backups: allow a snapshot of your database without stopping anything.
- Hot partial backups: can be used to backup only recent changes, allow for point in time recovery, and reduce server load.
- Hot partial backups: can also be used to keep a warm backup server in case of disaster - at any time it will be a usable exact copy of your production database.
- Cold partial backups: can decrease the time of a cold complete backup.
Production environments should select a backup strategy to maximize flexibility while reducing server load and storage requirements.
For details on backup options please read your database documentation.
Also see the windows postgres example
For MSSQL installations go here.
For Domain Managed Machines go here.
For linux instructions go here
Installing on Windows:
- Download Noodle from here
- Run the installer
- Press next a few times (it will install Java and PGSQL unless you have it, or MSSQL, already installed in which case it will assume you want to setup the connection manually)
- That's it now you can use Noodle in your web browser. Windows server 2016 considers Internet Explorer a security risk so check the config for the selected port and use your desktop web browser.
- Check the log folder for details or ask us for help