Configuring ActiveVOS Identity Service Using LDAP
|
|
- Samuel French
- 8 years ago
- Views:
Transcription
1 Configuring ActiveVOS Identity Service Using LDAP Overview The ActiveVOS Identity Service can be set up to use LDAP based authentication and authorization. With this type of identity service, users and groups can easily be managed in an enterprise wide deployment of ActiveVOS. Using sample users and groups defined in a Microsoft active directory, this technical note describes configuration of ActiveVOS identity service in Apache Tomcat and Oracle WebLogic application servers. Legal Notice Copyright (c) 2011 Active Endpoints Incorporated. Document Revision History Revision Date Author Changes May 2011 AEI First Release
2 Table of Contents ActiveVOS Identity Service Introduction... 3 LDAP Identity Service... 3 Connection Setting Tab... 3 User Tab 4 Groups Tab... 5 User and Group Attribute Mapping... 5 To add an attribute mapping... 6 To delete an attribute mapping... 6 ActiveVOS LDAP Identity Service Configuring ActiveVOS Identity Service with LDAP and Tomcat Setting up Identity Service in ActiveVOS Console Configuring ActiveVOS Identity Service with LDAP and Weblogic Add Active Directory Provider to Default Realm (myrealm) Configure New LDAP Provider Verify LDAP configuration Mapping User Roles and Policies Setting up Identity Service in ActiveVOS Console Human Approval Completed Sample Appendix A Sample server.xml /19
3 ActiveVOS Identity Service Introduction An identity service provides a way for a BPEL process to look up users and groups in an enterprise directory service or database. The ActiveVOS Server identity service is based on one of the following: XML or LDIF Identity Service JDBC Identity Service LDAP Identity Service By providing the communication details for look-up access to your identity service, you can do the following: Run BPEL processes that implement identity-based activities. When a process runs, the person or group specified in the process is looked up in your identity service. Identitybased activities use a system-supplied WSDL, as described in ActiveVOS Designer documentation. For the BPEL for People functionality, specify users or groups to receive tasks into their ActiveVOS or other task client. LDAP Identity Service As mentioned in ActiveVOS help center documentation: erprise.help/html/svrug6-7-2.html While setting the identity service in ActiveVOS console, be sure to map the ActiveVOS Central security role, abtaskclient, to each user that will login to ActiveVOS Central. You can update identity service settings as shown in the following table. Connection Setting Tab Enter the provider-specific connection settings used to establish connectivity to your identity store. Provider Configuration Enable Add a checkmark to use the identity service. Initially the service is disabled since it is not configured and ready for use. Configure the remaining settings, enable the service, and select Update. Provider Type Select LDAP from the drop-down list: Host Enter the LDAP server s DNS name such as ldap1.my-domain-name.com or IP address such as Port Enter the port to use for communications between the ActiveVOS server 3/19
4 Use SSL Trusted keystore file location on the server User DN Password and the LDAP server. The default value is 389. (Optional) Enable this checkbox to provide encrypted transport communication between ActiveVOS and the LDAP service. If you enable this, you must enter a trusted keystore file location in the next field. (Optional) Enter the full path to the aetrustedca.ks file for the Trusted Keystore Path. This file must be accessible by all instances of the server when deployed in a clustered environment. This path is required if SSL is enabled. Enter the user distinguished name. Most directory servers do not allow anonymous access, therefore the username and password is required. The username should be the distinguished name of the user. For Microsoft Active Directory, an example of the user distinguished name is: CN=Administrator, CN=Users, DC=domainname, DC=com (or local) Enter the administrator password for access to the directory service, and confirm it. User Tab Fill in the values as described in the table. User Search Configuration User Enter the root distinguished name to indicate the base search criteria for search authenticated users and groups. base DN For Microsoft Active Directory, an example is: CN=Users, DC=domainname, DC=com (or local) User search filter Users search scope Enter the parameters needed to query the service for users. These parameters should exclude directory objects such as printers, servers, other non-user computers. For Microsoft Active Directory, an example is: &(objectclass=person)(!(objectclass=computer)) To make a directory search efficient, select the appropriate level to search for entries. One Level. Select if the user entries are all at the same level in the directory structure, for example in a folder called Users. Subtree. Select this if user entries are nested in a directory structure. 4/19
5 Groups Tab Fill in the values as described in the table. Group Search Configuration Group Enter the directory tree where you want to start the search. search base For Microsoft Active Directory, an example is: DN CN=Users, DC=domainname, DC=com (or local) Group search filter Group search scope Enter the parameters needed to query the service for groups. These parameters should exclude directory objects such as printers, servers, other non-user computers. For Microsoft Active Directory, an example is: (objectclass=group) To make a directory search efficient, select the appropriate level to search for entries. One Level. Select if the group entries are all at the same level in the directory structure, for example in a folder called Groups. Subtree. Select this if groups are nested in a directory structure. User and Group Attribute Mapping In looking up a user or group in an LDAP or JDBC-based Identity service, ActiveVOS uses a search model that includes several basic identity attributes, including: Users o person o memberof (recommended, if Identity service supports it) o username (required) o o firstname o lastname Groups o groupname (required) o member (required for LDAP) This generic model applies to any Identity service, and you can use it as is, or delete the optional attributes from the model. The memberof Users attribute is recommended for making searches for group members more efficient, especially for cases where a user is a member of multiple groups. Be sure to map a user as memberof all relevant groups and add the user as a member in relevant Groups. If desired, you can add many other search attributes to the basic model, and then use these attributes in LDAP or JDBC people queries from within a BPEL process People activity. When you 5/19
6 add a search attribute from your Identity service, you must map it to a new attribute that gets added to the ActiveVOS search model. For example, if your Identity service includes a logincount attribute, you can add that to the Users or Groups attribute mapping page. The attributes can be loaded into the ActiveVOS Designer Process Deployment Descriptor Editor, where a developer has access to them for creating Logical People Group queries. To add an attribute mapping 1. On the Users or Groups tab of the Identity Service, select Add Attribute. 2. In the Provider Attribute/Column Name column, type in the name of an existing attribute that is in your identity store. 3. In the Model Attribute column, type in the same name or alias for the attribute. 4. Select the data Type from the list. The list contains all types defined by the search model, based on the Higgins Open Source Identity Framework. (ActiveVOS uses Higgins to enable the adding of identity attributes to the search model.) Note that the list also contains two custom types, GroupReference and PersonReference. Use one of these types if you want to reference a group or user by name, rather than by the full distinguished name or primary key defined in the data store. To delete an attribute mapping 1. Select the checkbox next to the Model Attribute field. 2. Select Update. The attribute is removed. The following screenshot shows a sample user setup in Microsoft Active directory, when viewed using apache LDAP browser: 6/19
7 7/19
8 And here are the screenshots that show how a group can be set up. For explanation purposes, two sample groups (loanreps and abtaskclient) have been shown: and 8/19
9 9/19
10 ActiveVOS LDAP Identity Service As mentioned in ActiveVOS help center documentation, you can install ActiveVOS server and Central components by running the installer utility and during this process, you can secure your admin console so that only the authenticated users have access to the ActiveVOS Server and the deployed processes. Also, the ActiveVOS central is by default secured. To provide permission to required groups of users to access ActiveVOS Central, you would need to set identity service in ActiveVOS console. The links below provide more information on ActiveVOS security setup: erprise.help.serverguide/html/svrug3-3.html ladmin.enterprise.help.serverguide/html/svrug3-4.html Configuring ActiveVOS Identity Service with LDAP and Tomcat If you need Tomcat to retrieve usernames, passwords, and roles from an LDAP directory, you can use JNDIRealm. It is a flexible realm implementation it allows you to authenticate users against your LDAP directory of usernames, passwords, and roles, while allowing many schema layouts for that data. To secure ActiveVOS with LDAP, you can follow the steps as listed below: Stop Tomcat. Comment out any sections of the server.xml (located in <Tomcat_HOME> \conf) that references the tomcat-users.xml file. Add a JNDI realm element to the engine element in server.xml, similar to the following: <Realm classname="org.apache.catalina.realm.jndirealm" debug="99" connectionurl="ldap://ldap_server:<port>" connectionname="cn=aeadmin,cn=users,dc=aedomain,dc=activeendpoints,dc=local" connectionpassword="aeadmin" authentication="simple" referrals="follow" usersubtree="true" userbase="dc=aedomain,dc=active-endpoints,dc=local" usersearch="(& (samaccountname={0})(objectclass=user))" userrolename="memberof" rolesubtree="true" rolebase="dc=aedomain,dc=active-endpoints,dc=local" rolename="cn" rolesearch="(& (member={0})(objectclass=group))" /> Start the tomcat server. 10/19
11 Note: The above is just a sample realm. Users will need to modify that as per their Ldap configuration. It is also suggested that the user look up the tomcat documentation (for example: for any help on the configuration. A sample server.xml is included in Appendix A at the end of this Technote. Setting up Identity Service in ActiveVOS Console Once the required users, groups and roles have been setup in LDAP and server.xml properly configured, login to ActiveVOS console as a user who is a member of abadmin role. Navigate to Admin > Identity Service, setup the LDAP based identity service and test it. Sample screenshots are shown below: 11/19
12 12/19
13 13/19
14 You can find the help information regarding configuration ladmin.enterprise.help/html/svrug6-7-2.html. Once configured and tested, navigate to ActiveVOS central ( and login as a user who is a member of abtaskclient. Configuring ActiveVOS Identity Service with LDAP and Weblogic For explanation purpose, the instructions below describe how to configure Weblogic to use Microsoft Active directory for authentication. This provider will be used in addition to the default authenticator. When using multiple providers, you need to change the control flag on the default provider to 'OPTIONAL' instead of 'REQUIRED'. With all providers set to 'OPTIONAL', a user must authenticate with at least one provider, but it doesn't matter which one. Start Admin Server and login to console Navigate to Security Realms Select default realm (typically 'myrealm') Select the 'Providers' tab On the 'Authentication' tab, choose the 'DefaultAuthenticator'. Change the Control Flag from 'REQUIRED' to OPTIONAL Add Active Directory Provider to Default Realm (myrealm) Navigate to Security Realms Select default realm (typically 'myrealm') Select the 'Providers' tab On the 'Authentication' tab, choose 'New' to add a new provider. Enter a name for the provider. Something like 'aeserver' or 'LDAP' is fine. Select 'ActiveDirectoryAuthenticatior' as the type. Choose OK to save new provider. This will return you to the listing of providers. Configure New LDAP Provider Select the new provider you just created On the 'Common' tab, make sure you leave the Control Flag set to 'OPTIONAL'. On the 'Provider Specific' tab, provide values specific to your directory server. Save the changes and restart the weblogic admin server. You may also need to restart the managed server(s) also. Verify LDAP configuration After restarting, login to the console again and navigate back to Security Realms- >myrealm Choose the 'Users and Groups' tab Under Users, you should see users from your LDAP. Under Groups, you should see groups from your LDAP. 14/19
15 Go back to Users and select a user from the LDAP provider. Select the 'Groups' tab for the user and you should see the groups from your LDAP. Mapping User Roles and Policies To use Roles and Policies (e.g. abadmin, abtaskclient, etc.) you first need to have a Security Realm set up, and should have some Users and Groups defined as mentioned above. To add roles and policies you need to do the following: Select Home\Security Realm\<realm name>\roles and Polices. Expand the Global Roles node. Click on the Roles link to add new roles. Select New and enter a role name (e.g. abadmin). Click ok to save. Go back to the Roles and Policies (Select Home\Security Realm\<realm name>\roles and Polices\Global Roles) Expand the Roles node. o - If no conditions have been added to a role, there will be a radio button next to the role name. Select the radio button and click the Edit Role button. o - If there are already conditions added to the role, click the View Role Conditions link. Select the Add Conditions link to add a new condition. Select the predicate List (e.g. Group or User) and click next. Enter the argument name (user or group) and click Add. Click Finish to have that user\group listed as a Role Condition. Click Save to save the role condition. Restart the managed server(s). Setting up Identity Service in ActiveVOS Console Once, the required users, groups and roles have been setup in weblogic admin console, login to ActiveVOS console as a user who is a member of abadmin role. To setup the identity service to be able to login to the central and look up the task information, Navigate to Admin > Identity Service, setup the LDAP based identity service and test it. Please refer to the sample screenshots shown earlier for tomcat setup. You can find the help information regarding configuration at ladmin.enterprise.help/html/svrug6-7-2.html Once configured and tested, navigate to ActiveVOS central ( and login as a user who is a member of abtaskclient. 15/19
16 Human Approval Completed Sample Human Approval Completed is a sample application that is packaged with ActiveVOS designer. You can create an orchestration project in the designer based on this template using File > New > orchestration project > Name your project > Select Human Approval Completed > Finish. This application comes packaged with a couple of sample groups - loanreps, loanmgrs. For testing purposes, you can define these sample groups along with a couple of sample users such as loanrep1, loanmgr1 in your LDAP setup and test your identity service as well as ActiveVOS central. The screenshots shown earlier in this technote should be helpful in this case. 16/19
17 Appendix A Sample server.xml <?xml version='1.0' encoding='utf-8'?> Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Note: A "Server" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/server.html <Server port="8005" shutdown="shutdown"> APR library loader. Documentation at /docs/apr.html <Listener classname="org.apache.catalina.core.aprlifecyclelistener" SSLEngine="on" /> Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html <Listener classname="org.apache.catalina.core.jasperlistener" /> Prevent memory leaks due to use of particular java/javax APIs <Listener classname="org.apache.catalina.core.jrememoryleakpreventionlistener" /> JMX Support for the Tomcat server. Documentation at /docs/non-existent.html <Listener classname="org.apache.catalina.mbeans.serverlifecyclelistener" /> <Listener classname="org.apache.catalina.mbeans.globalresourceslifecyclelistener" /> Global JNDI resources Documentation at /docs/jndi-resources-howto.html <GlobalNamingResources> Editable user database that can also be used by UserDatabaseRealm to authenticate users <Resource name="userdatabase" auth="container" type="org.apache.catalina.userdatabase" description="user database that can be updated and saved" factory="org.apache.catalina.users.memoryuserdatabasefactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/service.html <Service name="catalina"> The connectors can use a shared executor, you can define one or more named thread pools <Executor name="tomcatthreadpool" nameprefix="catalina-exec-" maxthreads="150" minsparethreads="4"/> 17/19
18 A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-ssl HTTP/1.1 Connector on port 8080 <Connector port="8080" protocol="http/1.1" connectiontimeout="20000" redirectport="8443" /> A "Connector" using the shared thread pool <Connector executor="tomcatthreadpool" port="8080" protocol="http/1.1" connectiontimeout="20000" redirectport="8443" /> Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation <Connector port="8443" protocol="http/1.1" SSLEnabled="true" maxthreads="150" scheme="https" secure="true" clientauth="false" sslprotocol="tls" /> Define an AJP 1.3 Connector on port 8009 <Connector port="8009" protocol="ajp/1.3" redirectport="8443" /> An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). Documentation at /docs/config/engine.html You should set jvmroute to support load-balancing via AJP ie : <Engine name="catalina" defaulthost="localhost" jvmroute="jvm1"> <Engine name="catalina" defaulthost="localhost"> For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) <Cluster classname="org.apache.catalina.ha.tcp.simpletcpcluster"/> The request dumper valve dumps useful debugging information about the request and response data received and sent by Tomcat. Documentation at: /docs/config/valve.html <Valve classname="org.apache.catalina.valves.requestdumpervalve"/> This Realm uses the UserDatabase configured in the global JNDI resources under the key "UserDatabase". Any edits that are performed against this UserDatabase are immediately available for use by the Realm. <Realm classname="org.apache.catalina.realm.userdatabaserealm" resourcename="userdatabase"/> <Realm classname="org.apache.catalina.realm.jndirealm" debug="99" 18/19
19 connectionurl="ldap://your_server:<port>" connectionname="cn=aeadmin,cn=users,dc=aedomain,dc=active-endpoints,dc=local" connectionpassword="your_password" authentication="simple" referrals="follow" usersubtree="true" userbase="dc=aedomain,dc=active-endpoints,dc=local" usersearch="(& (samaccountname={0})(objectclass=user))" userrolename="memberof" rolesubtree="true" rolebase="dc=aedomain,dc=active-endpoints,dc=local" rolename="cn" rolesearch="(& (member={0})(objectclass=group))" /> Define the default virtual host Note: XML Schema validation will not work with Xerces 2.2. <Host name="localhost" appbase="webapps" unpackwars="true" autodeploy="true" xmlvalidation="false" xmlnamespaceaware="false"> SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html <Valve classname="org.apache.catalina.authenticator.singlesignon" /> Access log processes all example. Documentation at: /docs/config/valve.html <Valve classname="org.apache.catalina.valves.accesslogvalve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="common" resolvehosts="false"/> </Host> </Engine> </Service> </Server> 19/19
This document summarizes the steps of deploying ActiveVOS on oracle Weblogic Platform.
logic Overview This document summarizes the steps of deploying ActiveVOS on oracle Weblogic Platform. Legal Notice The information in this document is preliminary and is subject to change without notice
More informationThis document summarizes the steps of deploying ActiveVOS on the IBM WebSphere Platform.
Technical Note Overview This document summarizes the steps of deploying ActiveVOS on the IBM WebSphere Platform. Legal Notice The information in this document is preliminary and is subject to change without
More informationHow To Integrate IIS6 and Apache Tomcat
How To Integrate IIS6 and Apache Tomcat By Glenn Barnas / InnoTech Consulting Group www.innotechcg.com This is a step by step guide to installing Apache Tomcat 6.x on systems running IIS 6.0. The process
More informationBusinessObjects Enterprise XI Release 2
BusinessObjects Enterprise XI Release 2 How to configure an Internet Information Services server as a front end to a WebLogic application server Overview Contents This document describes the process of
More informationMicrosoft Active Directory Oracle Enterprise Gateway Integration Guide
An Oracle White Paper May 2011 Microsoft Active Directory Oracle Enterprise Gateway Integration Guide 1/33 Disclaimer The following is intended to outline our general product direction. It is intended
More informationActive Directory Authenication
Oracle Business Intelligence 11g Active Directory Authenication Antony Heljula November 2012 Page 1 TABLE OF CONTENTS 1. Authentication With Active Directory... 3 1.1 Overview... 3 1.2 Set WebLogic LDAP
More informationNSi Mobile Installation Guide. Version 6.2
NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...
More informationUsing LDAP Authentication in a PowerCenter Domain
Using LDAP Authentication in a PowerCenter Domain 2008 Informatica Corporation Overview LDAP user accounts can access PowerCenter applications. To provide LDAP user accounts access to the PowerCenter applications,
More informationRunning Multiple Shibboleth IdP Instances on a Single Host
CESNET Technical Report 6/2013 Running Multiple Shibboleth IdP Instances on a Single Host IVAN NOVAKOV Received 10.12.2013 Abstract The article describes a way how multiple Shibboleth IdP instances may
More informationRHEV 2.2: REST API INSTALLATION
RHEV 2.2: REST API INSTALLATION BY JAMES RANKIN REVISED 02/14/11 RHEV 2.2: REST API INSTALLATION 1 TABLE OF CONTENTS OVERVIEW PAGE 3 JAVA AND ENVIRONMENT VARIABLES PAGE 3 JBOSS INSTALLATION PAGE 5 REST
More informationJMETER - MONITOR TEST PLAN
http://www.tutorialspoint.com JMETER - MONITOR TEST PLAN Copyright tutorialspoint.com In this chapter, we will discuss how to create a Test Plan using JMeter to monitor webservers. The uses of monitor
More informationManaging Identities and Admin Access
CHAPTER 4 This chapter describes how Cisco Identity Services Engine (ISE) manages its network identities and access to its resources using role-based access control policies, permissions, and settings.
More informationtc Server Administration Guide
tc Server Administration Guide Juliet Shackell 2.0 Copyright 2010 VMware Inc. All rights reserved. Table of Contents 1. Copyright Notice... 1 2. Overview of tc Server Administration... 3 3. Configuring
More informationTIBCO Spotfire Platform IT Brief
Platform IT Brief This IT brief outlines features of the system: Communication security, load balancing and failover, authentication options, and recommended practices for licenses and access. It primarily
More informationEnterprise Knowledge Platform 5.6
Enterprise Knowledge Platform 5.6 EKP Multiple Instance Configurations for Apache2/Tomcat4 Document Information Document ID: EN144 Document title: EKP Multiple Instance Configurations for Apache/Tomcat
More informationWebSpy Vantage Ultimate 2.2 Web Module Administrators Guide
WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide This document is intended to help you get started using WebSpy Vantage Ultimate and the Web Module. For more detailed information, please see
More informationTo install and configure SSL support on Tomcat 6, you need to follow these simple steps. For more information, read the rest of this HOW-TO.
pagina 1 van 6 Apache Tomcat 6.0 Apache Tomcat 6.0 SSL Configuration HOW-TO Table of Contents Quick Start Introduction to SSL SSL and Tomcat Certificates General Tips on Running SSL Configuration 1. Prepare
More informationMobileStatus Server Installation and Configuration Guide
MobileStatus Server Installation and Configuration Guide Guide to installing and configuring the MobileStatus Server for Ventelo Mobilstatus Version 1.2 June 2010 www.blueposition.com All company names,
More information1 Introduction. Windows Server & Client and Active Directory. www.exacq.com
Windows Server & Client and Active Directory 1 Introduction For an organization using Active Directory (AD) for user management of information technology services, integrating exacqvision into the AD infrastructure
More informationLDAP User Guide PowerSchool Premier 5.1 Student Information System
PowerSchool Premier 5.1 Student Information System Document Properties Copyright Owner Copyright 2007 Pearson Education, Inc. or its affiliates. All rights reserved. This document is the property of Pearson
More informationSQL Server Setup for Assistant/Pro applications Compliance Information Systems
SQL Server Setup for Assistant/Pro applications Compliance Information Systems The following document covers the process of setting up the SQL Server databases for the Assistant/PRO software products form
More informationSetup Guide Access Manager 3.2 SP3
Setup Guide Access Manager 3.2 SP3 August 2014 www.netiq.com/documentation Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE
More informationUpgrading User-ID. Tech Note PAN-OS 4.1. 2011, Palo Alto Networks, Inc.
Upgrading User-ID Tech Note PAN-OS 4.1 Revision B 2011, Palo Alto Networks, Inc. Overview PAN-OS 4.1 introduces significant improvements in the User-ID feature by adding support for multiple user directories,
More informationSSL CONFIGURATION GUIDE
HYPERION RELEASE 9.3.1 SSL CONFIGURATION GUIDE CONTENTS IN BRIEF About This Document... 2 Assumptions... 2 Information Sources... 2 Identifying SSL Points for Hyperion Products... 4 Common Activities...
More informationJAMF Software Server Installation Guide for Windows. Version 8.6
JAMF Software Server Installation Guide for Windows Version 8.6 JAMF Software, LLC 2012 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide is accurate.
More informationTypingMaster Intra. LDAP / Active Directory Installation. Technical White Paper (2009-9)
TypingMaster Intra LDAP / Active Directory Installation Technical White Paper (2009-9) CONTENTS Contents... 2 TypingMaster Intra LDAP / Active Directory White Paper... 3 Background INFORMATION... 3 Overall
More informationBlackBerry Enterprise Service 10. Version: 10.2. Configuration Guide
BlackBerry Enterprise Service 10 Version: 10.2 Configuration Guide Published: 2015-02-27 SWD-20150227164548686 Contents 1 Introduction...7 About this guide...8 What is BlackBerry Enterprise Service 10?...9
More informationRoomWizard Synchronization Software Manual Installation Instructions
2 RoomWizard Synchronization Software Manual Installation Instructions Table of Contents Exchange Server Configuration... 4 RoomWizard Synchronization Software Installation and Configuration... 5 System
More informationF-Secure Messaging Security Gateway. Deployment Guide
F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4
More informationSynchronizer Installation
Synchronizer Installation Synchronizer Installation Synchronizer Installation This document provides instructions for installing Synchronizer. Synchronizer performs all the administrative tasks for XenClient
More informationAhsay Offsite Backup Server v5.5. High Availability Option Setup Guide. Ahsay TM Online Backup - Development Department
Ahsay Offsite Backup Server v5.5 High Availability Option Setup Guide Ahsay TM Online Backup - Development Department September 1, 2009 Copyright Notice Ahsay Systems Corporation Limited 2007. All rights
More informationApache Tomcat ISAPI Redirector and Canto Cumulus WPP
Apache Tomcat ISAPI Redirector and Canto Cumulus WPP Chad Gray Carey Color Inc. http://www.careyweb.com/ 9/1/2007 ver 1.0.0 WHY? If you want to run JSP, HTML and.net applications all on one web site you
More informationXenClient Enterprise Synchronizer Installation Guide
XenClient Enterprise Synchronizer Installation Guide Version 5.1.0 March 26, 2014 Table of Contents About this Guide...3 Hardware, Software and Browser Requirements...3 BIOS Settings...4 Adding Hyper-V
More informationLAE 5.1. Windows Server Installation Guide. Version 1.0
LAE 5.1 Windows Server Installation Guide Copyright THE CONTENTS OF THIS DOCUMENT ARE THE COPYRIGHT OF LIMITED. ALL RIGHTS RESERVED. THIS DOCUMENT OR PARTS THEREOF MAY NOT BE REPRODUCED IN ANY FORM WITHOUT
More informationKony MobileFabric. Sync Windows Installation Manual - WebSphere. On-Premises. Release 6.5. Document Relevance and Accuracy
Kony MobileFabric Sync Windows Installation Manual - WebSphere On-Premises Release 6.5 Document Relevance and Accuracy This document is considered relevant to the Release stated on this title page and
More informationAdeptia Suite LDAP Integration Guide
Adeptia Suite LDAP Integration Guide Version 6.2 Release Date February 24, 2015 343 West Erie, Suite 440 Chicago, IL 60654, USA Phone: (312) 229-1727 x111 Fax: (312) 229-1736 DOCUMENT INFORMATION Adeptia
More informationConfiguring the JBoss Application Server for Secure Sockets Layer and Client-Certificate Authentication on SAS 9.3 Enterprise BI Server Web
Configuring the JBoss Application Server for Secure Sockets Layer and Client-Certificate Authentication on SAS 9.3 Enterprise BI Server Web Applications Configuring SSL and Client-Certificate Authentication
More informationField Description Example. IP address of your DNS server. It is used to resolve fully qualified domain names
DataCove DT Active Directory Authentication In Active Directory (AD) authentication mode, the server uses NTLM v2 and LDAP protocols to authenticate users residing in Active Directory. The login procedure
More informationFunambol Exchange Connector v6.5 Installation Guide
Funambol Exchange Connector v6.5 Installation Guide Last modified: May 7, 2008 Table of Contents 1.Introduction...3 1.1. Prerequisites...3 1.2. Related documents...3 2.Funambol Exchange Synchronization
More informationMastering Tomcat Development
hep/ Mastering Tomcat Development Ian McFarland Peter Harrison '. \ Wiley Publishing, Inc. ' Part I Chapter 1 Chapter 2 Acknowledgments About the Author Introduction Tomcat Configuration and Management
More informationContents About the Contract Management Post Installation Administrator's Guide... 5 Viewing and Modifying Contract Management Settings...
Post Installation Guide for Primavera Contract Management 14.1 July 2014 Contents About the Contract Management Post Installation Administrator's Guide... 5 Viewing and Modifying Contract Management Settings...
More information800-782-3762 www.stbernard.com. Active Directory 2008 Implementation. Version 6.410
800-782-3762 www.stbernard.com Active Directory 2008 Implementation Version 6.410 Contents 1 INTRODUCTION...2 1.1 Scope... 2 1.2 Definition of Terms... 2 2 SERVER CONFIGURATION...3 2.1 Supported Deployment
More informationSystem Administration Training Guide. S100 Installation and Site Management
System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5
More informationOrchestrating Document and Media Management using CMIS
Orchestrating Document and Media Management using CMIS Technical Note - Integrating ActiveVOS with Alfresco CMIS Services AN ACTIVE ENDPOINTS TECHNICAL NOTE 2009 Active Endpoints Inc. ActiveVOS is a trademark
More informationOpenLDAP Oracle Enterprise Gateway Integration Guide
An Oracle White Paper June 2011 OpenLDAP Oracle Enterprise Gateway Integration Guide 1 / 29 Disclaimer The following is intended to outline our general product direction. It is intended for information
More informationIntegrating PISTON OPENSTACK 3.0 with Microsoft Active Directory
Integrating PISTON OPENSTACK 3.0 with Microsoft Active Directory May 21, 2014 This edition of this document applies to Piston OpenStack 3.0. To send us your comments about this document, e-mail documentation@pistoncloud.com.
More informationConfiguring and Integrating JMX
Configuring and Integrating JMX The Basics of JMX 3 JConsole 3 Adding a JMX Component Monitor to SAM 6 This document includes basic information about JMX and its role with SolarWinds SAM 2 Configuring
More informationwww.novell.com/documentation Administration Guide Novell Filr 1.0.1 May 2014
www.novell.com/documentation Administration Guide Novell Filr 1.0.1 May 2014 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation,
More informationUPGRADING TO XI 3.1 SP6 AND SINGLE SIGN ON. Chad Watson Sr. Business Intelligence Developer
UPGRADING TO XI 3.1 SP6 AND SINGLE SIGN ON Chad Watson Sr. Business Intelligence Developer UPGRADING TO XI 3.1 SP6 What Business Objects Administrators should consider before installing a Service Pack.
More informationActive Directory LDAP Quota and Admin account authentication and management
Active Directory LDAP Quota and Admin account authentication and management Version 4.1 Updated July 2014 GoPrint Systems 2014 GoPrint Systems, Inc, All rights reserved. One Annabel Lane, Suite 105 San
More informationThe JBoss 4 Application Server Web Developer Reference
The JBoss 4 Application Server Web Developer Reference JBoss AS 4.0.5 Release 2 Copyright 2006 JBoss, Inc. Table of Contents 1. The Tomcat Service...1 2. The server.xml file...3 2.1. The Connector element...3
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationProject (Group) Management Installation Guide (Linux) Version 1.3. Copyright 2007 MGH
Project (Group) Management Installation Guide (Linux) Version 1.3 Copyright 2007 MGH Table of Contents About this Guide iii Document Version History iii Prerequisites 1 Required Software 1 Install 4 Installing
More informationDepartment of Veterans Affairs VistA Integration Adapter Release 1.0.5.0 Enhancement Manual
Department of Veterans Affairs VistA Integration Adapter Release 1.0.5.0 Enhancement Manual Version 1.1 September 2014 Revision History Date Version Description Author 09/28/2014 1.0 Updates associated
More informationHOW TO DEPLOY AN EJB APLICATION IN WEBLOGIC SERVER 11GR1
HOW TO DEPLOY AN EJB APLICATION IN WEBLOGIC SERVER 11GR1 Last update: June 2011 Table of Contents 1 PURPOSE OF DOCUMENT 2 1.1 WHAT IS THE USE FOR THIS DOCUMENT 2 1.2 PREREQUISITES 2 1.3 BEFORE DEPLOYING
More informationReference and Troubleshooting: FTP, IIS, and Firewall Information
APPENDIXC Reference and Troubleshooting: FTP, IIS, and Firewall Information Although Cisco VXC Manager automatically installs and configures everything you need for use with respect to FTP, IIS, and the
More informationHP Device Manager 4.7
Technical white paper HP Device Manager 4.7 LDAP Troubleshooting Guide Table of contents Introduction... 2 HPDM LDAP-related context and background... 2 LDAP in HPDM... 2 Full domain account name login...
More informationDeploying RSA ClearTrust with the FirePass controller
Deployment Guide Deploying RSA ClearTrust with the FirePass Controller Deploying RSA ClearTrust with the FirePass controller Welcome to the FirePass RSA ClearTrust Deployment Guide. This guide shows you
More informationConfiguring User Identification via Active Directory
Configuring User Identification via Active Directory Version 1.0 PAN-OS 5.0.1 Johan Loos johan@accessdenied.be User Identification Overview User Identification allows you to create security policies based
More informationE-mail Listeners. E-mail Formats. Free Form. Formatted
E-mail Listeners 6 E-mail Formats You use the E-mail Listeners application to receive and process Service Requests and other types of tickets through e-mail in the form of e-mail messages. Using E- mail
More informationThe Server.xml File. Containers APPENDIX A. The Server Container
APPENDIX A The Server.xml File In this appendix, we discuss the configuration of Tomcat containers and connectors in the server.xml configuration. This file is located in the CATALINA_HOME/conf directory
More informationThis document uses the following conventions for items that may need to be modified:
Contents Overview... 3 Purpose of this Document... 3 Conventions Used in this Document... 3 Before You Begin... 3 Setting Up HTTPS... 5 Creating a Certificate... 5 Configuring Contract Management to Use
More informationJAMF Software Server Installation Guide for Linux. Version 8.6
JAMF Software Server Installation Guide for Linux Version 8.6 JAMF Software, LLC 2012 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide is accurate.
More informationConfiguring Nex-Gen Web Load Balancer
Configuring Nex-Gen Web Load Balancer Table of Contents Load Balancing Scenarios & Concepts Creating Load Balancer Node using Administration Service Creating Load Balancer Node using NodeCreator Connecting
More informations@lm@n Oracle Exam 1z0-102 Oracle Weblogic Server 11g: System Administration I Version: 9.0 [ Total Questions: 111 ]
s@lm@n Oracle Exam 1z0-102 Oracle Weblogic Server 11g: System Administration I Version: 9.0 [ Total Questions: 111 ] Oracle 1z0-102 : Practice Test Question No : 1 Which two statements are true about java
More informationLepide Active Directory Self Service. Configuration Guide. Follow the simple steps given in this document to start working with
Lepide Active Directory Self Service Configuration Guide 2014 Follow the simple steps given in this document to start working with Lepide Active Directory Self Service Table of Contents 1. Introduction...3
More informationHow To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal 1.1.3 On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (
Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication
More information24x7 Scheduler Multi-platform Edition 5.2
24x7 Scheduler Multi-platform Edition 5.2 Installing and Using 24x7 Web-Based Management Console with Apache Tomcat web server Copyright SoftTree Technologies, Inc. 2004-2014 All rights reserved Table
More informationMassTransit 6.0 Enterprise Web Configuration for Macintosh OS 10.5 Server
MassTransit 6.0 Enterprise Web Configuration for Macintosh OS 10.5 Server November 6, 2008 Group Logic, Inc. 1100 North Glebe Road, Suite 800 Arlington, VA 22201 Phone: 703-528-1555 Fax: 703-528-3296 E-mail:
More informationApp Orchestration 2.5
Configuring NetScaler 10.5 Load Balancing with StoreFront 2.5.2 and NetScaler Gateway for Prepared by: James Richards Last Updated: August 20, 2014 Contents Introduction... 3 Configure the NetScaler load
More informationExchange Reporter Plus SSL Configuration Guide
Exchange Reporter Plus SSL Configuration Guide Table of contents Necessity of a SSL guide 3 Exchange Reporter Plus Overview 3 Why is SSL certification needed? 3 Steps for enabling SSL 4 Certificate Request
More informationConfiguring Integrated Windows Authentication for Oracle WebLogic with SAS 9.2 Web Applications
Configuring Integrated Windows Authentication for Oracle WebLogic with SAS 9.2 Web Applications Copyright Notice The correct bibliographic citation for this manual is as follows: SAS Institute Inc., Configuring
More informationAPIS CARM NG Quick Start Guide for MS Windows
APIS CARM NG Quick Start Guide for MS Windows The information contained in this document may be changed without advance notice and represents no obligation on the part of the manufacturer. The software
More informationJAMF Software Server Installation and Configuration Guide for OS X. Version 9.0
JAMF Software Server Installation and Configuration Guide for OS X Version 9.0 JAMF Software, LLC 2013 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide
More informationHow-to: Single Sign-On
How-to: Single Sign-On Document version: 1.02 nirva systems info@nirva-systems.com nirva-systems.com How-to: Single Sign-On - page 2 This document describes how to use the Single Sign-On (SSO) features
More informationSophos UTM Web Application Firewall for Microsoft Exchange connectivity
How to configure Sophos UTM Web Application Firewall for Microsoft Exchange connectivity This article explains how to configure your Sophos UTM 9.2 to allow access to the relevant Microsoft Exchange services
More informationDell KACE K1000 System Management Appliance Version 5.4. Service Desk Administrator Guide
Dell KACE K1000 System Management Appliance Version 5.4 Service Desk Administrator Guide October 2012 2004-2012 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without
More informationCA Nimsoft Service Desk
CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationDISTRIBUTED CONTENT SSL CONFIGURATION AND TROUBLESHOOTING GUIDE
White Paper Abstract This white paper explains the configuration of Distributed Content (ACS, BOCS and DMS) in SSL mode and monitors the logs for content transfer operations. This guide describes the end-to-end
More informationConfiguring Sponsor Authentication
CHAPTER 4 Sponsors are the people who use Cisco NAC Guest Server to create guest accounts. Sponsor authentication authenticates sponsor users to the Sponsor interface of the Guest Server. There are five
More information1z0-102 Q&A. DEMO Version
Oracle Weblogic Server 11g: System Administration Q&A DEMO Version Copyright (c) 2013 Chinatag LLC. All rights reserved. Important Note Please Read Carefully For demonstration purpose only, this free version
More informationCLC Bioinformatics Database
CLC Bioinformatics Database Administrator USER MANUAL Administrator Manual for CLC Bioinformatics Database 4.6 Windows, Mac OS X and Linux September 3, 2015 This software is for research purposes only.
More informationSOA Software: Troubleshooting Guide for Agents
SOA Software: Troubleshooting Guide for Agents SOA Software Troubleshooting Guide for Agents 1.1 October, 2013 Copyright Copyright 2013 SOA Software, Inc. All rights reserved. Trademarks SOA Software,
More informationContent Filtering Client Policy & Reporting Administrator s Guide
Content Filtering Client Policy & Reporting Administrator s Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION
More informationIIS, FTP Server and Windows
IIS, FTP Server and Windows The Objective: To setup, configure and test FTP server. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps:
More informationHP Device Manager 4.6
Technical white paper HP Device Manager 4.6 LDAP Troubleshooting Guide Table of contents Introduction... 2 HPDM LDAP-related context and background... 2 LDAP in HPDM... 2 Configuring User Authentication...
More informationHow to Logon with Domain Credentials to a Server in a Workgroup
How to Logon with Domain Credentials to a Server in a Workgroup Johan Loos johan@accessdenied.be Version 1.0 Authentication Overview Basically when you logon to a Windows Server you can logon locally using
More information2X ApplicationServer & LoadBalancer Manual
2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Contents 1 URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies,
More informationJunio 2015. SSL WebLogic Oracle. Guía de Instalación. Junio, 2015. SSL WebLogic Oracle Guía de Instalación CONFIDENCIAL Página 1 de 19
SSL WebLogic Oracle Guía de Instalación Junio, 2015 Página 1 de 19 Setting Up SSL on Oracle WebLogic Server This section describes how to configure SSL on Oracle WebLogic Server for PeopleTools 8.50. 1.
More informationConfiguring Secure Socket Layer (SSL) for use with BPM 7.5.x
Configuring Secure Socket Layer (SSL) for use with BPM 7.5.x Configuring Secure Socket Layer (SSL) communication for a standalone environment... 2 Import the Process Server WAS root SSL certificate into
More informationThe following process allows you to configure exacqvision permissions and privileges for accounts that exist on an Active Directory server:
Ubuntu Linux Server & Client and Active Directory 1 Configuration The following process allows you to configure exacqvision permissions and privileges for accounts that exist on an Active Directory server:
More informationConfiguring MailArchiva with Insight Server
Copyright 2009 Bynari Inc., All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any
More informationVMware Identity Manager Connector Installation and Configuration
VMware Identity Manager Connector Installation and Configuration VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until the document
More informationBusinessObjects 4.0 Windows AD Single Sign on Configuration
TUBusinessObjects 4.0 Single Sign OnUT BusinessObjects 4.0 Single Sign On also called SSO with Windows AD requires few steps to take. Most of the steps are dependent on each other. Certain steps cannot
More informationSiteminder Integration Guide
Integrating Siteminder with SA SA - Siteminder Integration Guide Abstract The Junos Pulse Secure Access (SA) platform supports the Netegrity Siteminder authentication and authorization server along with
More informationJAMF Software Server Installation and Configuration Guide for OS X. Version 9.2
JAMF Software Server Installation and Configuration Guide for OS X Version 9.2 JAMF Software, LLC 2013 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide
More informationIntroduction to Directory Services
Introduction to Directory Services Overview This document explains how AirWatch integrates with your organization's existing directory service such as Active Directory, Lotus Domino and Novell e-directory
More informationInstallation and Configuration Guide
Entrust Managed Services PKI Auto-enrollment Server 7.0 Installation and Configuration Guide Document issue: 1.0 Date of Issue: July 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark
More information