Setup Guide for AD FS 3.0 on the Apprenda Platform
|
|
- Griselda Sparks
- 8 years ago
- Views:
Transcription
1 Setup Guide for AD FS 3.0 on the Apprenda Platform Last Updated for Apprenda The Apprenda Platform leverages Active Directory Federation Services (AD FS) to support identity federation. AD FS and the Apprenda Platform can then be configured to authenticate against an external user store (e.g. Active Directory). In Apprenda terminology, AD FS instances that are leveraged and managed by the Apprenda Platform are called AD FS nodes. For those who may not be familiar with AD FS setup, this guide provides information on configuring AD FS nodes for use with the Apprenda Platform. Setup information is based on scenarios that have been configured and tested by the Apprenda Client Services team. Notable characteristics of AD FS 3.0: AD FS 3.0 is available as a role on Windows Server 2012 R2. Although earlier versions of AD FS offered a stand-alone federation server option, AD FS 3.0 can be installed only as a federation server farm. Note that you can set up a farm with only one server (and add servers later as needed). AD FS 3.0 configuration requires a domain administrator account. The account is required for setup only and will no longer be needed once AD FS setup is complete, but will be required again in the future if configuration changes must be made (e.g., adding a node to the farm). Unlike earlier versions of AD FS, an underlying installation of IIS is not required for AD FS 3.0. IT professionals who are familiar with AD FS setup and configuration should feel free to forego this guide and configure AD FS nodes to meet the basic Apprenda requirements outlined in the Pre-Installation Checklist while keeping in accordance with the procedures outlined by their own enterprise IT policy. Contents Apprenda AD FS Configuration Pre-requisites... 2 Configuration for an AD FS Federation Server Farm... 6 Install Apprenda with an AD FS Federation Server Farm Appendix 1: Understanding AD FS Trust Relationships... 18
2 2 APPRENDA AD FS CONFIGURATION PRE-REQUISITES The following should be performed prior to configuring AD FS and installing the Apprenda Platform. Apprenda Windows App Server Pre-requisites AD FS nodes will also act as Apprenda Windows Application Servers, as they host the Apprenda Windows Host in order to support the Apprenda Federation WCF service. As such, they must meet all the requirements for Windows Application Servers (including all hardware and software requirements for Apprenda Platform Windows Servers in general) listed in the Pre-Installation Checklist. Federation Service and Site Name Each AD FS node must run AD FS under a service name (and hosts. For an AD FS Federation Service farm, the service name must be the same across all AD FS nodes. The following form is suggested (where cloudurl is the root URL that will be used in one of the clouds on your Apprenda environment): identity.cloudurl. If, for instance, the cloudurl planned for one of the clouds on your Apprenda environment is apprenda.fedtest, the suggested identity service and site name would be identity.apprenda.fedtest. DNS Setup A DNS A record entry must be set up that points the identity site name (e.g., identity.cloudurl) to the AD FS node(s). If you will use more than one AD FS node, a load balancer may be used to distribute traffic; alternately, a round-robin DNS setup will suffice. Accounts Install account The account under which AD FS is configured must have domain administrator privileges on each AD FS node. A check made by the AD FS 3.0 Configuration Wizard (and related Powershell commands) requires domain administrator privileges (and prevents workarounds to this requirement that were available in earlier versions of AD FS). AD FS Service account You will need a dedicated Service Account under which the AD FS service will run on all AD FS nodes. You may use a domain user account or, if supported on your domain, a group Managed Service Account. The account will be granted Log on as a Service rights on the AD FS nodes during the AD FS configuration process, as the AD FS service will log on as this account. It is important that you (or your
3 3 IT department) ensure that Group Policy settings will not disable the Log on as a Service permission for this account. Certificates AD FS requires a certificate for three different purposes: SSL certificate (you must provide this) Token Signing certificate (can be provided or generated through AD FS) Token Decrypting certificate (can be provided or generated through AD FS) SSL and Root Certificates You will need an SSL certificate in.pfx format where the CN matches the federation service/site name (e.g., identity.cloudurl) or the CN is a wildcard for the cloudurl of the environment (e.g., *.cloudurl). Unless it is already installed on the AD FS nodes (as is common practice in some enterprise IT or when using certificates from a commercial provider), you will also need the root certificate used to issue the SSL certificate. Once you have obtained the certificate(s), the following must be performed on each AD FS node: Open the MMC Certificate Snap-in: Open MMC (which should be included on all Windows OS) Under File choose Add/Remove Snap-in Select the Certificates snap-in and click Add. Select Computer account, then click Next. Select Local computer, then click Finish. Click OK to open the snap-in. Import the SSL certificate: Under Certificates (Local Computer), right-click on the Personal folder and select All Tasks > Import to open the Certificate Import Wizard. Click Next. Use the browse functionality to select the SSL certificate, then click Next. Type the password for the certificate and select Mark this key as exportable. Click Next. Choose the option to place all certificates in the Personal certificate store and click Next. Click Finish to complete the process. The certificate will now appear in the Personal > Certificates folder. Grant the AD FS Service Account permission to manage the private keys for the SSL certificate: Right-click on the SSL certificate and select All Tasks > Manage Private Keys. Add the AD FS Service Account to the list of Group or user names. Grant the account Full control.
4 4 Import the root certificate (issuer of the SSL certificate) as a Trusted Certificate Authority: Under Certificates (Local Computer), right-click on the Trusted Root Certification Authorities folder and select All Tasks > Import to open the Certificate Import Wizard. Click Next. Use the browse functionality to select the root certificate, then click Next. Choose the option to place all certificates in the Trusted Root Certification Authorities certificate store and click Next. Click Finish to complete the process. The certificate will now appear in the Trusted Root Certification Authorities > Certificates folder. Token Signing Certificate and Token Decrypting Certificate For the Token Signing and Token Decrypting certificates, you may provide certificates (recommended) or you may enable the Automatic Certificate Rollover Feature in AD FS, which will create and manage selfsigned certificates. When this feature is enabled, managed certificates hit their expiration date, AD FS will create new self-signed certificates and replace them. You may specify certificates when configuring the AD FS service. Depending on your organizational needs, you may choose to use a separate certificate for each certificate type, or you may choose to simply use the AD FS SSL certificate for the Token Signing and Token Decrypting certificates. We recommend using the certificate that will be used as the Apprenda Platform Signing certificate as the AD FS Token Signing certificate. This certificate may also be used for the Token Decrypting certificate. In all cases, be mindful of any expiration dates on the certificates, as expired certificates that are not managed by AD FS must be replaced. Please Note: The AD FS configuration process will set up a Token Signing certificate as per your specification (either one that you specify or one that is managed by AD FS). After the Apprenda installation completes, however, this certificate will be marked as the Secondary Token Signing certificate, and the Apprenda installer will configure AD FS to use the Apprenda Platform Signing certificate as the Primary Token Signing certificate in AD FS. This is necessary in order for the Apprenda Platform to locate (and therefore control) the certificate that will be used for AD FS Token Signing so that Apprenda workloads can properly validate the source of the claims they receive. Importing Additional Certificates If Automatic Certificate Rollover is disabled and certificates other than the AD FS SSL certificate will be used, they should be imported into the Personal Certificate Store as per the procedures outlined in the Import the SSL Certificate step above. You should also follow the steps outlined in the Grant the AD FS Service Account permission to manage the private keys for the SSL certificate section above for each additional certificate.
5 5 Locating Certificate Thumbprints Some of the installation steps below require the thumbprint for a certificate. The thumbprint of a certificate can be located as follows: In the MMC Certificate Snap-in, open the Personal > Certificates folder. Right-click on the certificate and select Open. The thumbprint for the certificate is listed on the Details tab. Click on the thumbprint row to view the thumbprint in the lower window (where you can copy it). SQL Server or Windows Internal Database AD FS requires a database to store configuration data. One of the following can be used: Recommended: An instance of SQL Server where an AD FS database can be created. The instance must be configured beforehand (preferably as a failover cluster if HA and/or scale is a concern). The following account permissions are required to use this option: o The account used to install/configure AD FS must have permissions to create the necessary AD FS configuration databases and grant permissions to the AD FS service account. This can be achieved by granting the SQL Server sysadmin role during AD FS installation. o The AD FS Service Account must be given access to the SQL Server instance; it will be granted permission to read the necessary AD FS configuration databases. o The SQL instance must be configured to Allow Remote Connections. Windows Internal Database, which is included with the AD FS installation. It should be noted that this option limits the total number of servers allows in an AD FS farm to five. SQL Server is recommended as it offers HA and scalability when a failover cluster is used. It also allows for future addition/removal of AD FS nodes by removing ties to a Windows Internal Database instance on a given AD FS node. For this reason, the Windows Internal Database options should be used only in lab environments where upgrading to a different version of AD FS will not be a concern. As per Microsoft s documentation, the following versions of SQL can be used with AD FS 3.0: SQL Server 2008 /R2 SQL Server 2012 SQL Server 2014 AD FS 3.0 Installed AD FS 3.0 is available on Windows Server 2012 R2 only. To install, simply add the Active Directory Federation Services Role through the Server Manager. Please note that all AD FS nodes within an AD FS Web Farm must run the same version of AD FS.
6 6 CONFIGURATION FOR AN AD FS FEDERATION SERVER FARM The instructions below outline the configuration steps for an AD FS Farm using SQL Server for the AD FS Configuration database. Checklist: DNS entry or entries have been configured. A dedicated AD FS Service Account has been created; Group Policy grants this account Log on as a Service rights. Credentials for a domain administrator account that can be used to configure AD FS; this user should also have local administrator privileges on the AD FS nodes. A dedicated SQL instance for the AD FS Configuration DB has been set up. o The install user has sysadmin permissions for the duration of AD FS installation and configuration. o The AD FS Service Account has read access to the instance. All certificates you will use are installed on the machine as noted above. The thumbprint for the identity SSL certificate you will use (see the Certificates section above) is on hand. If you are not installing using an account with domain admin permissions, the thumbprints for the Token Signing and Token Decrypting certificates are also on hand. AD FS has been installed on all AD FS nodes. Install the First Node in the Federation Farm PERFORM INITIAL AD F S CONFIGURATION STEP S The initial AD FS Configuration for the first node of a Federation Farm can be performed through the AD FS GUI Wizard or via AD FS Powershell commands. Both options are described below. Initial Configuration Option 1: AD FS GUI Wizard The AD FS GUI Wizard can be used to configure the initial AD FS node. Use this option only if you want AD FS to manage the Token Signing and Decrypting Certificates. If you want to specify the Token Signing and Token Decrypting certificates, use the Powershell Option below. 1. Launch the AD FS Configuration Wizard. This can be done through the Configure the federation service on this server option under the Notifications flag in the Server Manager console:
7 7 2. Select Create the first federation server in a federation server farm and click Next. 3. If the executing user (the user account under which you logged in to the server) is not a domain administrator, provide the credentials for an account that has domain administrator privileges and then click Next.
8 8 4. Specify the AD FS Service Properties: a. Select the certificate that will be used for the identity SSL certificate. b. If the certificate CN has a wildcard prefix (i.e., *.cloudurl), adjust the Federation Service Name so that it matches the Federation Service Name for which the DNS entry was configured (e.g., identity.cloudurl). If the certificate does not have a wildcard prefix (i.e., identity.cloudurl), the Federation Service Name will update automatically to match the CN of the SSL certificate. c. Specify a friendly name for the Federation Service Display Name. d. Click Next. 5. Select User an existing domain user account or group Managed Service Account. Specify the credentials for the AD FS Service Account you will use and click Next. 6. Select Specify the location of a SQL Server database. a. In the Database Host Name field, type the name of the server that houses the SQL Server instance that you will host the AD FS configuration databases. b. If using a named instance (i.e., not the default instance), type the instance name in the Database Instance field. c. Click Next.
9 9 7. The Wizard will now summarize the options; review these options, and use the Previous buttons in the installer to make changes if anything is amiss. If you wish, you may click on the View script button in order to export a Powershell script that can be used for automating additional installations. Click Next. 8. The Wizard will now run a series of pre-requisite checks in order to validate your configuration options. Once it has passed successfully, the Configure button will become enabled. Click on the Configure button to complete the installation. 9. Proceed to the Finalize AD FS Service Configuration section below. Initial Configuration Option 2: Powershell The initial AD FS node may alternately be configured using AD FS Powershell commands. The examples below specify the Token Signing and Token Decrypting certificates. If you prefer to let AD FS manage these certificates, simply omit the SigningCertificateThumbprint and DecryptionCertificateThumbprint parameters. Please note that full documentation on AD FS Powershell cmdlets can be found at OPTION 2A: IF THE AD FS SERVICE ACCOUNT IS A DOMAIN ACCOUNT 1. Open Powershell as a user with Domain Administrator privileges. 2. If the AD FS Service Account is a domain account, run the following command, which will prompt you to enter the credentials for the AD FS Service Account user: $fscredential = Get-Credential 3. Update the following command by replacing the X placemarkers with the values specific to your AD FS setup: Install-AdfsFarm CertificateThumbprint XX -FederationServiceName XX -ServiceAccountCredential $fscredential -SQLConnectionString "Data Source=SQLHost;Integrated Security=True" -SigningCertificateThumbprint XX -DecryptionCertificateThumbprint XX OverwriteConfiguration -FederationServiceName should be the name of the service (identity.cloudurl) $fscredential will retrieve the AD FS Service Account information stored in the previous command SQLHost corresponds to the SQL Server instance in which the AD FS databases will be stored. NOTE: -OverwriteConfiguration will wipe and any existing AD FS database that you already have in the specified SQL Server instance.
10 10 Example Install-AdfsFarm CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed -FederationServiceName identity.apprenda.fedtest -ServiceAccountCredential $fscredential -SQLConnectionString "Data Source=Server01\Instance01;Integrated Security=True" -SigningCertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed -DecryptionCertificateThumbprint cf2e5064c521d625c8d53536bc98aa8e08f5f2ad -OverwriteConfiguration 4. Run the updated command 5. Proceed to the Finalize AD FS Service Configuration section below. OPTION 2B: IF THE AD FS SERVICE ACCOUNT IS A GROUP MANAGED SERVICE ACCOUNT 1. Open Powershell as a user with Domain Administrator privileges. 2. Update the following command by replacing the X placemarkers with the values specific to your AD FS setup: Install-AdfsFarm CertificateThumbprint XX -FederationServiceName XX -GroupServiceAccountIdentifier DOMAIN\Account -SQLConnectionString "Data Source=SQLHost;Integrated Security=True" -SigningCertificateThumbprint XX -DecryptionCertificateThumbprint XX OverwriteConfiguration -FederationServiceName should be the name of the service (identity.cloudurl) -GroupServiceAccountIdentifier specifies AD FS Service Account SQLHost corresponds to the SQL Server instance in which the AD FS databases will be stored. NOTE: -OverwriteConfiguration will wipe and any existing AD FS database that you already have in the specified SQL Server instance. Example Install-AdfsFarm CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed -FederationServiceName identity.apprenda.fedtest -GroupServiceAccountIdentifier CONTOSO\GroupAccount01 -SQLConnectionString "Data Source=Server01\Instance01;Integrated Security=True" -SigningCertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed -DecryptionCertificateThumbprint cf2e5064c521d625c8d53536bc98aa8e08f5f2ad -OverwriteConfiguration 3. Run the updated command. 4. Proceed to the Finalize AD FS Service Configuration section below.
11 11 FINALIZE AD FS SERVI CE CONFIGURATION FOR THE FIRST NODE 1. Open the AD FS Manager and click on Edit Federation Service Properties. 2. Change the Federation Service identifier to match the following pattern (the final slash is critical):
12 12 3. Click on Apply when done. 4. Restart the Federation Service via the Windows Services window. It is listed as Active Directory Federation Services. Join Additional Nodes to the Federation Server Farm Additional AD FS nodes can be joined to an existing Federation Server Farm through the AD FS GUI Wizard or via AD FS Powershell commands. Both options are described below. Join Additional Nodes to the Federation Server Farm Option 1: AD FS GUI Wizard 1. Launch the AD FS Configuration Wizard. This can be done through the Configure the federation service on this server option under the Notifications flag in the Server Manager console:
13 13 2. Select Add a federation server to a federation server farm and click Next. 3. If the executing user (the user account under which you logged in to the server) is not a domain administrator, provide the credentials for an account that has domain administrator privileges and then click Next. 4. Select Specify the database location for an existing farm using SQL Server. a. In the Database Host Name field, type the name of the server that houses the SQL Server instance that hosts the AD FS configuration databases. b. If using a named instance (i.e., not the default instance), type the instance name in the Database Instance field. 5. Select the certificate that will be used for the identity SSL certificate. Click Next. 6. Select the AD FS Service account (the same account that was used for the first node in the farm). As needed, type in the password for the account. Click Next. 7. The Wizard will now summarize the options; review these options, and use the Previous buttons in the installer to make changes if anything is amiss. If you wish, you may click on the View script button in order to export a Powershell script that can be used for automating additional installations. Click Next. 8. The Wizard will now run a series of pre-requisite checks in order to validate your configuration options. Once it has passed successfully, the Configure button will become enabled. Click on the Configure button to complete the installation. 9. Open AD FS manager and confirm Federation Service Identifier matches identity.rooturl/adfs/ls/.
14 14 Join Addition Nodes to the Federation Server Farm Option 2: Powershell Please note that full documentation on AD FS Powershell cmdlets can be found at OPTION 2A: IF THE AD FS SERVICE ACCOUNT IS A DOMAIN ACCOUNT 1. Open Powershell as a user with Domain Administrator privileges. 2. If the AD FS Service Account is a domain account, run the following command, which will prompt you to enter the credentials for the AD FS Service Account user: $fscredential = Get-Credential 3. Update the following command by replacing the X placemarkers with the values specific to your AD FS setup: Add-AdfsFarmNode -ServiceAccountCredential $fscredential -SQLConnectionString "Data Source=SQLHost;Integrated Security=True" CertificateThumbprint XX $fscredential will retrieve the AD FS Service Account information stored in the previous command SQLHost corresponds to the SQL Server instance in which the AD FS databases are be stored. Example Add-AdfsFarmNode -ServiceAccountCredential $fscredential -SQLConnectionString "Data Source=Server01\Instance01;Integrated Security=True" CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed 4. Run the updated command 5. Open AD FS manager and confirm Federation Service Identifier matches identity.rooturl/adfs/ls/. OPTION 2B: IF THE AD FS SERVICE ACCOUNT IS A GROUP MANAGED SERVICE ACCOUNT 1. Open Powershell as a user with Domain Administrator privileges. 2. Update the following command by replacing the X placemarkers with the values specific to your AD FS setup: Add-AdfsFarmNode -GroupServiceAccountIdentifier DOMAIN\Account -SQLConnectionString "Data Source=SQLHost;Integrated Security=True" CertificateThumbprint XX -FederationServiceName should be the name of the service (identity.cloudurl) -GroupServiceAccountIdentifier specifies AD FS Service Account
15 15 SQLHost corresponds to the SQL Server instance in which the AD FS databases are stored. Example Add-AdfsFarmNode -GroupServiceAccountIdentifier CONTOSO\GroupAccount01 -SQLConnectionString "Data Source=Server01\Instance01;Integrated Security=True" CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed 3. Run the updated command 4. Open AD FS manager and confirm Federation Service Identifier matches identity.rooturl/adfs/ls/. INSTALL APPRENDA WITH AN AD FS FEDERATION SERVER FARM At this point we have configured the Federation portion of the installation. Let s go ahead and install the Platform. Because the installer is not designed to accommodate a Federation Server Farm, we will do the following: Select all AD FS Nodes as Application Servers, which will install and configure the Windows Host service. Configure the first AD FS node in the Federation Server Farm as the Apprenda Managed AD FS Host. Manually configure the remaining AD FS Nodes as Apprenda Managed AD FS Hosts. Configure AD FS Nodes as Application Servers in the Apprenda Installer 1. Open the Apprenda Installer. 2. Select the Install option. 3. Select Multi Server and Show Advanced Options. 4. Fill out the necessary information until you reach the What Servers Should We Start Off With? page. 5. In addition to your environment s other servers, be sure to add all AD FS nodes as Application Servers. Configure the first AD FS Node as an Apprenda Managed AD FS Host 1. Continue and fill out the necessary information until you reach the Apprenda Security page. 2. Do not select the Require Authorization to access the System Operations Center (SOC), as skipping this at install will permit authentication troubleshooting. SOC Authorization can be reenabled at a later time. 3. Fill out the Federation Information as follows: a. Apprenda Managed ADFS Host is the name of the first AD FS node in the farm. b. The endpoint is the Federation Service Identifier configured in ADFS.
16 16 4. Complete the Apprenda installation. Grant the AD FS Service Account permission to manage the private keys for the Apprenda Platform Signing Certificate Apprenda Platform installation will add the Apprenda Signing certificate to the certificate store on the AD FS nodes. The AD FS Service Account must have read permissions to the private key for this certificate. Perform the following on all AD FS Nodes. Open the MMC Certificate Snap-in: Open MMC (which should be included on all Windows OS) Under File choose Add/Remove Snap-in Select the Certificates snap-in and click Add. Select Computer account, then click Next. Select Local computer, then click Finish. Click OK to open the snap-in. Grant the AD FS Service Account permission to manage the private keys for the Apprenda Platform Signing certificate: Under Certificates (Local Computer), open the Personal>Certificates folder and locate the Apprenda Platform Signing certificate. Its name should match the pattern cloudurl Signing (e.g., apprenda.fedtest Signing ). Right-click on the Apprenda Signing certificate and select All Tasks > Manage Private Keys. Add the AD FS Service Account to the list of Group or user names. Grant the account Read permissions.
17 17 Manually configure the remaining AD FS Nodes Repeat these steps for each additional AD FS node in the farm. Copy Apprenda AD FS Artifacts to the New AD FS Nodes 1. On the first ADFS node; you will find an AdfsBoostrapper directory in the Apprenda install drive\folder (by default, this will be C:\ApprendaPlatform). 2. Copy the AdfsBootstrapper folder to ApprendaPlatform folder on the additional AD FS node. 3. On the additional AD FS node, look in the AdfsBootstrapper\AttributeStore3.0 folder and locate the Apprenda.Federation.AttributeStore.3.0.dll 4. Copy the Apprenda.Federation.AttributeStore.3.0.dll to the C:\Windows\ADFS directory 5. Restart the AD FS Service. Update the SaaSGrid Core DB 1. Connect to the SaaSGrid Core DB (you can use the install credentials). 2. Look in the Artifact_Host table and get the ID for the additional node. 3. In the Host_Tag table, add a line where host_id= the id of the new node from the Artifact Host table, and tag_id=3 4. In the SOC, deploy the federation service to the additional node. Optional: Configure Application Deployment Policy If desired, move any unneeded services off the federation nodes and set up a deployment policy to only allow the federation service.
18 18 APPENDIX 1: UNDERSTANDING AD FS TRUST RELATIONSHIPS AD FS uses trust relationships to manage how claims are accepted and issued (see Microsoft s AD FS documentation for an explanation of the types of trusts and related terminology used in AD FS). Below is a list of AD FS trust relationships that are either created by Apprenda or must be created manually for certain Apprenda Platform authentication configurations to work. It should be noted that existing claims for an AD FS instance can be viewed in AD FS Manager under the Trust Relationships folder. Trust Relationships Created at Apprenda Platform Installation/UI Deployment Claims Provider Trust (created by Apprenda) When the Apprenda Platform is installed on an environment with AD FS nodes, the installer will create a Claims Provider Trust between the AD FS nodes and the Apprenda Platform. The trust will be located on the Apprenda AD FS nodes: Location: Apprenda AD FS nodes. Type: Claims Provider Trust. Display Name: Apprenda The claim provider s federation metadata field will point to a URL that is dynamically generated by the Apprenda Platform s authentication UI (and depends on the subdomain and cloudurl that has been configured for the Platform): o Format: o Example: Relying Party Trusts (created by Apprenda) When each UI is deployed on the Apprenda Platform (as either part of the Apprenda Platform portals or as part of a guest application), a corresponding Relying Party Trust will be created on the Apprenda AD FS nodes. Location: Apprenda AD FS nodes. Type: Relying Party Trust. The Display Name will typically correspond to the URL of the UI. Trust Relationships for Configuring Apprenda to Work with a Secure Token Service After installation of the Apprenda Platform with AD FS is complete, it is typically configured to work with a Secure Token Service (STS). This involves the following trust relationships.
19 19 Claims Provider Trust (created by Apprenda) PLATFORM-WIDE FEDERATION (WITH A SINGLE STS): Platform-wide federation (typically used to federate against a single external user store) is configured through the User Store page in the System Operations Center. Part of the setup entails entering the federation metadata URL for the STS in the appropriate input box or uploading a metadata file: The Platform will create a Claims Provider Trust on the Apprenda AD FS nodes using the information from the STS metadata URL or file: Location: Apprenda AD FS nodes. Type: Claims Provider Trust. Display Name: Apprenda Platform The claim provider s federation metadata field will point to the metadata URL for the Secure Token Service (if a metadata file is used, the URL information will be extracted from the file). ACCOUNT-LEVEL FEDERATION (WITH ONE STS PER TENANT): The Apprenda Platform can be configured to allow each Tenant account to authenticate against a different STS. In such cases, federation for each Tenant is configured through the Account Portal, where the federation metadata URL for the STS must be entered into the appropriate input box. The Platform will create a Claims Provider Trust on the Apprenda AD FS nodes using the information from the STS metadata URL: Location: Apprenda AD FS nodes.
20 20 Type: Claims Provider Trust. Display Name: the Tenant alias of the corresponding Tenant account. The claim provider s federation metadata field will point to the metadata URL for the STS. Relying Party Trusts (must be created manually) In most cases a Relying Party Trust must be manually configured between the Apprenda AD FS nodes and the STS. Although the setup process will vary depending on the STS used, instructions for configuring a Relying Party Trust in AD FS can be found in Microsoft s online documentation: Typically, your organization will already have an STS in place (along with administrators practiced in managing it). If this is the case, please provide your STS administrator with the metadata URL for the Apprenda AD FS nodes, which can be found in the Configure Identity Federation section of the User Store page in the System Operations Center (for Platform-wide Federation):
ADFS Integration Guidelines
ADFS Integration Guidelines Version 1.6 updated March 13 th 2014 Table of contents About This Guide 3 Requirements 3 Part 1 Configure Marcombox in the ADFS Environment 4 Part 2 Add Relying Party in ADFS
More informationHow To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal 1.1.3 On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (
Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication
More informationLAB 1: Installing Active Directory Federation Services
LAB 1: Installing Active Directory Federation Services Contents Lab: Installing and Configuring Active Directory Federation Services... 2 Exercise 1: installing and configuring Active Directory Federation
More informationAvePoint Meetings 3.2.2 for SharePoint On-Premises. Installation and Configuration Guide
AvePoint Meetings 3.2.2 for SharePoint On-Premises Installation and Configuration Guide Issued August 2015 Table of Contents About AvePoint Meetings for SharePoint... 4 System Requirements... 5 2 System
More informationMicrosoftDynam ics GP 2015. TenantServices Installation and Adm inistration Guide
MicrosoftDynam ics GP 2015 TenantServices Installation and Adm inistration Guide Copyright Copyright 2014 Microsoft Corporation. All rights reserved. Limitation of liability This document is provided as-is.
More informationStep by step guide for installing highly available System Centre 2012 Virtual Machine Manager Management server:
Step by step guide for installing highly available System Centre 2012 Virtual Machine Manager Management server: Here are the pre-requisites for a HA VMM server installation: 1. Failover clustering feature
More informationIntroduction to the EIS Guide
Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment
More informationCloud Services ADM. Agent Deployment Guide
Cloud Services ADM Agent Deployment Guide 10/15/2014 CONTENTS System Requirements... 1 Hardware Requirements... 1 Installation... 2 SQL Connection... 4 AD Mgmt Agent... 5 MMC... 7 Service... 8 License
More informationSETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)
12/15/2012 WALISYSTEMSINC.COM SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE) Setup SSL in SharePoint 2013 In the last article (link below), you learned how to setup SSL in SharePoint 2013
More informationDell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide
Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer.
More informationSetting Up SSL on IIS6 for MEGA Advisor
Setting Up SSL on IIS6 for MEGA Advisor Revised: July 5, 2012 Created: February 1, 2008 Author: Melinda BODROGI CONTENTS Contents... 2 Principle... 3 Requirements... 4 Install the certification authority
More informationCopyright 2015 http://itfreetraining.com
This video will install Active Directory Federation Services on Windows Server 2012. In a previous video, an enterprise CA was installed and configured. This video will use that enterprise CA to issue
More informationLT Auditor+ 2013. Windows Assessment SP1 Installation & Configuration Guide
LT Auditor+ 2013 Windows Assessment SP1 Installation & Configuration Guide Table of Contents CHAPTER 1- OVERVIEW... 3 CHAPTER 2 - INSTALL LT AUDITOR+ WINDOWS ASSESSMENT SP1 COMPONENTS... 4 System Requirements...
More informationSecure Messaging Server Console... 2
Secure Messaging Server Console... 2 Upgrading your PEN Server Console:... 2 Server Console Installation Guide... 2 Prerequisites:... 2 General preparation:... 2 Installing the Server Console... 2 Activating
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationDeploy Remote Desktop Gateway on the AWS Cloud
Deploy Remote Desktop Gateway on the AWS Cloud Mike Pfeiffer April 2014 Last updated: May 2015 (revisions) Table of Contents Abstract... 3 Before You Get Started... 3 Three Ways to Use this Guide... 4
More informationDeploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide
Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide Microsoft Corporation Published: May 2010 Abstract This guide describes the steps for configuring Remote Desktop Connection
More informationRoomWizard Synchronization Software Manual Installation Instructions
2 RoomWizard Synchronization Software Manual Installation Instructions Table of Contents Exchange Server Configuration... 4 RoomWizard Synchronization Software Installation and Configuration... 5 System
More informationTool Tip. SyAM Management Utilities and Non-Admin Domain Users
SyAM Management Utilities and Non-Admin Domain Users Some features of SyAM Management Utilities, including Client Deployment and Third Party Software Deployment, require authentication credentials with
More informationSQL Server 2008 and SSL Secure Connection
Ivan Mackintosh 9 January 2013 - v1.0 SQL Server 2008 and SSL Secure Connection This document describes the steps involved for converting an existing SQL Connection to a secure SSL Connection suitable
More informationNSi Mobile Installation Guide. Version 6.2
NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...
More informationHOTPin Integration Guide: Google Apps with Active Directory Federated Services
HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More informationStep-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)
Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3) Manual installation of agents and importing the SCOM certificate to the servers to be monitored:
More informationSecret Server Installation Windows 8 / 8.1 and Windows Server 2012 / R2
Secret Server Installation Windows 8 / 8.1 and Windows Server 2012 / R2 Table of Contents Table of Contents... 1 I. Introduction... 3 A. ASP.NET Website... 3 B. SQL Server Database... 3 C. Administrative
More informationInstallation Guide. SafeNet Authentication Service
SafeNet Authentication Service Installation Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationActive Directory Management. Agent Deployment Guide
Active Directory Management Agent Deployment Guide Document Revision Date: June 12, 2014 Active Directory Management Deployment Guide i Contents System Requirements...1 Hardware Requirements...1 Installation...3
More informationWindows Azure Pack Installation and Initial Configuration
Windows Azure Pack Installation and Initial Configuration Windows Server 2012 R2 Hands-on lab In this lab, you will learn how to install and configure the components of the Windows Azure Pack. To complete
More informationWindows Intune Walkthrough: Windows Phone 8 Management
Windows Intune Walkthrough: Windows Phone 8 Management This document will review all the necessary steps to setup and manage Windows Phone 8 using the Windows Intune service. Note: If you want to test
More informationIntroduction to Directory Services
Introduction to Directory Services Overview This document explains how AirWatch integrates with your organization's existing directory service such as Active Directory, Lotus Domino and Novell e-directory
More informationWhatsUp Gold v16.3 Installation and Configuration Guide
WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard
More informationShavlik Patch for Microsoft System Center
Shavlik Patch for Microsoft System Center User s Guide For use with Microsoft System Center Configuration Manager 2012 Copyright and Trademarks Copyright Copyright 2014 Shavlik. All rights reserved. This
More informationActive Directory Management. Agent Deployment Guide
Active Directory Management Agent Deployment Guide Document Revision Date: April 26, 2013 Active Directory Management Deployment Guide i Contents System Requirements... 1 Hardware Requirements... 2 Agent
More informationHOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services
1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationO Reilly Media, Inc. 3/2/2007
A Setup Instructions This appendix provides detailed setup instructions for labs and sample code referenced throughout this book. Each lab will specifically indicate which sections of this appendix must
More informationDriveLock Quick Start Guide
Be secure in less than 4 hours CenterTools Software GmbH 2012 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
More informationInstalling and Configuring vcenter Multi-Hypervisor Manager
Installing and Configuring vcenter Multi-Hypervisor Manager vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.1 This document supports the version of each product listed and supports all subsequent
More informationPassword Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2
Password Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2 Last revised: November 12, 2014 Table of Contents Table of Contents... 2 I. Introduction... 4 A. ASP.NET Website... 4 B.
More informationStep-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition
Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition The installation of Lync Server 2010 is a fairly task-intensive process. In this article, I will walk you through each of the tasks,
More informationDeploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide
c623242f-20f0-40fe-b5c1-8412a094fdc7 Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide Microsoft Corporation Published: June 2009 Updated: April 2010 Abstract
More informationBuilding the SAP Business One Cloud Landscape Part of the SAP Business One Cloud Landscape Workshop
Building the SAP Business One Cloud Landscape Part of the SAP Business One Cloud Landscape Workshop TABLE OF CONTENTS 1 INTRODUCTION... 3 2 LANDSCAPE DETAILS... 3 2.1 Server Details... 3 2.2 Landscape
More informationsafend a w a v e s y s t e m s c o m p a n y
safend a w a v e s y s t e m s c o m p a n y SAFEND Data Protection Suite Installation Guide Version 3.4.5 Important Notice This guide is delivered subject to the following conditions and restrictions:
More informationConfigure Microsoft Dynamics AX Connector for Mobile Applications
Microsoft Dynamics AX 2012 Configure Microsoft Dynamics AX Connector for Mobile Applications White Paper April 2013 www.microsoft.com/dynamics/ax Send suggestions and comments about this document to adocs@microsoft.com.
More informationInstalling and Configuring a. SQL Server 2012 Failover Cluster
Installing and Configuring a SQL Server 2012 Failover Cluster Edwin M Sarmiento Applies to: SQL Server 2012 SQL Server 2014 P a g e 1 Copyright This document is provided as-is. Information and views expressed
More informationMicrosoft Corporation. Project Server 2010 Installation Guide
Microsoft Corporation Project Server 2010 Installation Guide Office Asia Team 11/4/2010 Table of Contents 1. Prepare the Server... 2 1.1 Install KB979917 on Windows Server... 2 1.2 Creating users and groups
More informationStarWind Virtual SAN Installing & Configuring a SQL Server 2012 Failover Cluster
#1 HyperConverged Appliance for SMB and ROBO StarWind Virtual SAN Installing & Configuring a SQL Server 2012 Failover JANUARY 2015 TECHNICAL PAPER Trademarks StarWind, StarWind Software and the StarWind
More informationIntroduction to Mobile Access Gateway Installation
Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure
More informationvcenter Configuration Manager Backup and Disaster Recovery Guide VCM 5.3
vcenter Configuration Manager Backup and Disaster Recovery Guide VCM 5.3 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationAVG Business SSO Connecting to Active Directory
AVG Business SSO Connecting to Active Directory Contents AVG Business SSO Connecting to Active Directory... 1 Selecting an identity repository and using Active Directory... 3 Installing Business SSO cloud
More informationNETWRIX USER ACTIVITY VIDEO REPORTER
NETWRIX USER ACTIVITY VIDEO REPORTER ADMINISTRATOR S GUIDE Product Version: 1.0 January 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationHow To Create An Easybelle History Database On A Microsoft Powerbook 2.5.2 (Windows)
Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,
More informationInstalling GFI MailArchiver
Installing GFI MailArchiver Introduction This chapter highlights important points you should take into consideration before installing GFI MailArchiver on your network, so that you can make the best decisions
More informationAD RMS Windows Server 2008 to Windows Server 2008 R2 Migration and Upgrade Guide... 2 About this guide... 2
Contents AD RMS Windows Server 2008 to Windows Server 2008 R2 Migration and Upgrade Guide... 2 About this guide... 2 Preparing for the migration or upgrade of an AD RMS cluster... 2 Checklist: Preparing
More informationConfiguring ADFS 3.0 to Communicate with WhosOnLocation SAML
Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML --------------------------------------------------------------------------------------------------------------------------- Contents Overview...
More informationHOTPin Integration Guide: DirectAccess
1 HOTPin Integration Guide: DirectAccess Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; Celestix assumes no responsibility
More informationLab 05: Deploying Microsoft Office Web Apps Server
Lab 05: Deploying Microsoft Office Web Apps Server DISCLAIMER 2013 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Hyper-V, Internet Explorer, Lync, PowerPoint, Silverlight, SQL
More informationDIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication
DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication Certificate Based 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 31 Disclaimer Disclaimer of
More informationIntegration Guide. Microsoft Active Directory Rights Management Services (AD RMS) Microsoft Windows Server 2008
Integration Guide Microsoft Active Directory Rights Management Services (AD RMS) Microsoft Windows Server 2008 Integration Guide: Microsoft Active Directory Rights Management Services (AD RMS) Imprint
More informationSpecops Command. Installation Guide
Specops Software. All right reserved. For more information about Specops Command and other Specops products, visit www.specopssoft.com Copyright and Trademarks Specops Command is a trademark owned by Specops
More informationTSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:
TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link: ftp://ftp.software.ibm.com/storage/tivoli-storagemanagement/maintenance/client/v6r2/windows/x32/v623/
More informationSHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE
SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE Contents Introduction... 3 Step 1 Create Azure Components... 5 Step 1.1 Virtual Network... 5 Step 1.1.1 Virtual Network Details... 6 Step 1.1.2 DNS Servers
More informationKaspersky Lab Mobile Device Management Deployment Guide
Kaspersky Lab Mobile Device Management Deployment Guide Introduction With the release of Kaspersky Security Center 10.0 a new functionality has been implemented which allows centralized management of mobile
More informationHarePoint Workflow Extensions for Office 365. Quick Start Guide
HarePoint Workflow Extensions for Office 365 Quick Start Guide Product version 0.91 November 09, 2015 ( This Page Intentionally Left Blank ) HarePoint.Com Table of Contents 2 Table of Contents Table of
More informationNetWrix Account Lockout Examiner Version 4.0 Administrator Guide
NetWrix Account Lockout Examiner Version 4.0 Administrator Guide Table of Contents Concepts... 1 Product Architecture... 1 Product Settings... 2 List of Managed Domains and Domain Controllers... 2 Email
More informationACTIVE DIRECTORY DEPLOYMENT
ACTIVE DIRECTORY DEPLOYMENT CASAS Technical Support 800.255.1036 2009 Comprehensive Adult Student Assessment Systems. All rights reserved. Version 031809 CONTENTS 1. INTRODUCTION... 1 1.1 LAN PREREQUISITES...
More informationSafeGuard Enterprise upgrade guide. Product version: 6.1
SafeGuard Enterprise upgrade guide Product version: 6.1 Document date: February 2014 Contents 1 About this guide...3 2 Check the system requirements...4 3 Download installers...5 4 About upgrading...6
More informationInstallation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.
. All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.com Copyright and Trademarks Specops Deploy is a trademark owned by Specops Software. All
More informationRSA Security Analytics
RSA Security Analytics Event Source Log Configuration Guide Microsoft Windows using Eventing Collection Last Modified: Thursday, July 30, 2015 Event Source Product Information: Vendor: Microsoft Event
More informationMobility Manager 9.0. Installation Guide
Mobility Manager 9.0 Installation Guide LANDESK MOBILITY MANAGER Copyright 2002-2012, LANDesk Software, Inc. and its affiliates. All rights reserved. LANDesk and its logos are registered trademarks or
More informationDeploy App Orchestration 2.6 for High Availability and Disaster Recovery
Deploy App Orchestration 2.6 for High Availability and Disaster Recovery Qiang Xu, Cloud Services Nanjing Team Last Updated: Mar 24, 2015 Contents Introduction... 2 Process Overview... 3 Before you begin...
More informationThese notes are for upgrading the Linko Version 9.3 MS Access database to a SQL Express 2008 R2, 64 bit installations:
These notes are for upgrading the Linko Version 9.3 MS Access database to a SQL Express 2008 R2, 64 bit installations: This document substitutes for STEPS TWO and THREE of the upgrade Game Plan Webpage
More informationMigrating Exchange Server to Office 365
Migrating Exchange Server to Office 365 By: Brien M. Posey CONTENTS Domain Verification... 3 IMAP Migration... 4 Cut Over and Staged Migration Prep Work... 5 Cut Over Migrations... 6 Staged Migration...
More informationActive Directory Installation on Windows Server 2012
Active Directory Installation on Windows Server 2012 What really active directory is..? Active Directory Domain Services (AD DS) is an extensible and scalable directory service you can use to efficiently
More information2X ApplicationServer & LoadBalancer Manual
2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Contents 1 URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies,
More informationSystem Administration Training Guide. S100 Installation and Site Management
System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5
More informationKaseya Server Instal ation User Guide June 6, 2008
Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's
More informationNETWRIX PASSWORD MANAGER
NETWRIX PASSWORD MANAGER ADMINISTRATOR S GUIDE Product Version: 6.1 February/2012 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationNetIQ Advanced Authentication Framework - Administrative Tools. Installation Guide. Version 5.1.0
NetIQ Advanced Authentication Framework - Administrative Tools Installation Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 3 About This Document 3 NetIQ Advanced Authentication
More informationApp Orchestration Setup Checklist
App Orchestration Setup Checklist This checklist is a convenient tool to help you plan and document your App Orchestration deployment. Use this checklist along with the Getting Started with Citrix App
More informationSophos Mobile Control Installation guide. Product version: 3.5
Sophos Mobile Control Installation guide Product version: 3.5 Document date: July 2013 Contents 1 Introduction...3 2 The Sophos Mobile Control server...4 3 Set up Sophos Mobile Control...10 4 External
More informationWavecrest Certificate
Wavecrest InstallationGuide Wavecrest Certificate www.wavecrest.net Copyright Copyright 1996-2015, Wavecrest Computing, Inc. All rights reserved. Use of this product and this manual is subject to license.
More informationIIS, FTP Server and Windows
IIS, FTP Server and Windows The Objective: To setup, configure and test FTP server. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps:
More informationMICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM)
MICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM) MICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM) Microsoft BitLocker Administration and Monitoring (MBAM) provides a simplified administrative
More informationILTA 2013 - HAND 6B. Upgrading and Deploying. Windows Server 2012. In the Legal Environment
ILTA 2013 - HAND 6B Upgrading and Deploying Windows Server 2012 In the Legal Environment Table of Contents Purpose of This Lab... 3 Lab Environment... 3 Presenter... 3 Exercise 1 Add Roles and Features...
More informationUniversal Management Service 2015
Universal Management Service 2015 UMS 2015 Help All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording,
More informationQuick Install Guide. Lumension Endpoint Management and Security Suite 7.1
Quick Install Guide Lumension Endpoint Management and Security Suite 7.1 Lumension Endpoint Management and Security Suite - 2 - Notices Version Information Lumension Endpoint Management and Security Suite
More informationS/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014
S/MIME on Good for Enterprise MS Online Certificate Status Protocol Installation and Configuration Notes Updated: October 08, 2014 Installing the Online Responder service... 1 Preparing the environment...
More informationRenew ADFS and ADFS Proxy servers SSL Service Communication certificate
Renew ADFS and ADFS Proxy servers SSL Service Communication certificate There are 3 ADFS servers in the farm, one of them running in the Disaster Recovery network and 3 ADFS Proxy servers in the farm,
More informationExternal Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy
External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210
More informationInstalling and Configuring vcloud Connector
Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationLAB 2: Identity Management
LAB 2: Identity Management Contents Lab 2: Identity Management... 2 Exercise 1: install and configure prerequisites for configuring AD FS... 3 Tasks... 3 Exercise 2: adding and verifying a standard domain
More informationNetWrix Password Manager. Quick Start Guide
NetWrix Password Manager Quick Start Guide Contents Overview... 3 Setup... 3 Deploying the Core Components... 3 System Requirements... 3 Installation... 4 Windows Server 2008 Notes... 4 Upgrade Path...
More informationOnly LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.
This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and
More informationBrowser-based Support Console
TECHNICAL PAPER Browser-based Support Console Mass deployment of certificate Netop develops and sells software solutions that enable swift, secure and seamless transfer of video, screens, sounds and data
More informationCheck Point FDE integration with Digipass Key devices
INTEGRATION GUIDE Check Point FDE integration with Digipass Key devices 1 VASCO Data Security Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationSophos for Microsoft SharePoint startup guide
Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning
More informationConfiguration Guide. BES12 Cloud
Configuration Guide BES12 Cloud Published: 2016-04-08 SWD-20160408113328879 Contents About this guide... 6 Getting started... 7 Configuring BES12 for the first time...7 Administrator permissions you need
More informationEnabling Kerberos SSO in IBM Cognos Express on Windows Server 2008
Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008 Nature of Document: Guideline Product(s): IBM Cognos Express Area of Interest: Infrastructure 2 Copyright and Trademarks Licensed Materials
More informationFile Auditor for NAS, Net App Edition
File Auditor for NAS, Net App Edition Installation Guide Revision 1.2 - July 2015 This guide provides a short introduction to the installation and initial configuration of NTP Software File Auditor for
More informationThis How To guide will take you through configuring Network Load Balancing and deploying MOSS 2007 in SharePoint Farm.
Quick Brief This How To guide will take you through configuring Network Load Balancing and deploying MOSS 2007 in SharePoint Farm. This document will serve as prerequisite for Enterprise Portal deployment
More information