SafeNet Authentication Manager

Similar documents
Microsoft Office 365 Using SAML Integration Guide

SAM Context-Based Authentication Using Juniper SA Integration Guide

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce

Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications

CA Nimsoft Service Desk

Cloud Authentication. Getting Started Guide. Version

ADFS Integration Guidelines

Integration Guide. SafeNet Authentication Service. Using SAS with Web Application Proxy. Technical Manual Template

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

OneLogin Integration User Guide

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

Security Assertion Markup Language (SAML) Site Manager Setup

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

Egnyte Single Sign-On (SSO) Installation for OneLogin

Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

Your Question. Net Report Answer

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

To set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to work with each other.

Juniper SSL VPN Authentication QUICKStart Guide

Connected Data. Connected Data requirements for SSO

Introduction to Directory Services

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Copyright Pivotal Software Inc, of 10

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

WatchDox Administrator's Guide. Application Version 3.7.5

VMware Identity Manager Administration

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Single Sign On for ShareFile with NetScaler. Deployment Guide

Google Apps Deployment Guide

McAfee Cloud Identity Manager

TIB 2.0 Administration Functions Overview

Siteminder Integration Guide

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Configure Single Sign on Between Domino and WPS

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

Managing users. Account sources. Chapter 1

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Using Internet or Windows Explorer to Upload Your Site

SAML application scripting guide

Configuring Single Sign-on from the VMware Identity Manager Service to Amazon Web Services

Active Directory Validation - User Guide

WatchDox SharePoint Beta Guide. Application Version 1.0.0

Enabling Single Sign- On for Common Identity using F5

AVG Business SSO Partner Getting Started Guide

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Deploying RSA ClearTrust with the FirePass controller

Installation Guide v3.0

EBOX Digital Content Management System (CMS) User Guide For Site Owners & Administrators

IMAP and SMTP Setup in Clients

Configuring EPM System for SAML2-based Federation Services SSO

Using SSH Secure Shell Client for FTP

USING MYWEBSQL FIGURE 1: FIRST AUTHENTICATION LAYER (ENTER YOUR REGULAR SIMMONS USERNAME AND PASSWORD)

Connecting to UNOSECURE using Windows 7

MadCap Software. Upgrading Guide. Pulse

Configuring SuccessFactors

Configuring on-premise Sharepoint server SSO

Integrating LivePerson with Salesforce

Agenda. How to configure

Fax User Guide 07/31/2014 USER GUIDE

qliqdirect Active Directory Guide

Single Sign On (SSO) Implementation Manual. For Connect 5 & MyConnect Sites

Content Filtering Client Policy & Reporting Administrator s Guide

How To Use Saml 2.0 Single Sign On With Qualysguard

Section 1, Configuring Access Manager, on page 1 Section 2, Configuring Office 365, on page 4 Section 3, Verifying Single Sign-On Access, on page 5

Configuring Salesforce

SP-initiated SSO for Smartsheet is automatically enabled when the SAML feature is activated.

Load testing with. WAPT Cloud. Quick Start Guide

Strong Authentication for Juniper Networks SSL VPN

Snow Active Directory Discovery

Configuring Active Directory with AD FS and SAML for Brainloop Secure Dataroom Setup Guide

Flexible Identity Federation

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

Add Microsoft Azure as the Federated Authenticator in WSO2 Identity Server

ACTIVID APPLIANCE AND MICROSOFT AD FS

Online Statements. About this guide. Important information

Egnyte Single Sign-On (SSO) Installation for Okta

EVault Endpoint Protection 7.0 Single Sign-On Configuration

PassKey Manager. Schoolwires Centricity

Protected Trust Directory Sync Guide

IIS, FTP Server and Windows

Entrust IdentityGuard Comprehensive

Working with Indicee Elements

NT Authentication Configuration Guide

Getting Started with Clearlogin A Guide for Administrators V1.01

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1

DocuSign Single Sign On Implementation Guide Published: March 17, 2016

Integration Overview. Web Services and Single Sign On

Mac OS X Secure Wireless Setup Guide

App Orchestration 2.0

SOLGARI CLOUD BUSINESS COMMUNICATION SERVICES CLOUD CONTACT CENTRE MICROSOFT DYNAMICS INTEGRATION

Transcription:

SafeNet Authentication Manager TECHNICAL BRIEF Using SafeNet Authentication Manager as Identity Provider for AirWatch Contents Description... 2 Single Sign-On Dataflow... 2 Identity Provider Configuration... 3 Configuring AirWatch to use SafeNet Authentication Manager as Identity Provider... 3 Configuring SafeNet Authentication Manager to use SAML based User Federation... 7 Running the Solution... 10 Page 1 of 10

Description This document provides guidelines for enabling strong-authentication for AirWatch s administrators account using SafeNet Authentication Manager (SAM). NOTE The document assumes that AirWatch service is already configured and working with static passwords prior to implementing SafeNet Authentication Service strong authentication. Single Sign-On Dataflow 1. Bill, an administrator, wants to login to AirWatch s Administrators Portal. Bill wants to leverage the single signon capabilities embedded in the organization s SafeNet Authentication Manager solution. 2. SafeNet Authentication Manager s portal collects Bill's credentials and passes them to SafeNet Authentication Manager (SAM) for authentication. SAM evaluates Bill s credentials, and returns an accept or reject response to the external portal. 3. The portal uses SAM s response to return an accept or error assertion to AirWatch. Page 2 of 10

Identity Provider Configuration The following section is common in many applications that use SAML protocol for user-federation. We will provide the information that the application (in this case AirWatch) needs for setting up SafeNet Authentication Manager as its identity provider from the SAS`s console SAML 2.0 settings. 1. Choose SafeNet Authentication Manager > Configuration Manager from Windows Start Menu. The Configuration Manager window opens. 2. Chose Action > Cloud Configuration on the Menu bar. The Cloud Settings window opens. 3. Select the Info for Service Provider tab. In the Domain URL field, enter the domain URL of your organization s SAM external portal. The Single Sign-On fields are displayed. Do not close the Cloud Settings window. The displayed values will be needed in step 8a of Configuring AirWatch to use SafeNet Authentication Manager as Identity Provider on page 5. 4. Click Export Certificate, and save the file. This file will be needed in step 8i of Configuring AirWatch to use SafeNet Authentication Manager as Identity Provider on page 6. Page 3 of 10

Configuring AirWatch to use SafeNet Authentication Manager as Identity Provider To add SAM as an Identity Provider to AirWatch, we would need to use SafeNet Authentication Manager s Single Sign On configuration that was retrieved in the previous section. Using this information follow these steps: 1. Log in to AirWatch, and in the upper left corner, click Menu> Configuration> System Configuration.The System Configuration window opens. 2. Select System > Enterprise Integration. The Enterprise Integration option window opens. Page 4 of 10

3. Select Directory Services. The Directory Services window opens. 4. In the Server tab, on the Current Setting choose Override. 5. The LDAP options have been enabled. 6. In Directory Type choose None. 7. Enable the Use SAML For Authentication. The SAML settings opens. 8. Use the following settings: a. In the Service Provider (AirWatch) ID field, enter a unique AirWatch ID to be identified to SafeNet Authentication Manager. b. In the Identity Provider ID field, enter a unique SAM ID as SafeNet Authentication Manage identifier in AirWatch. c. In the Request section, choose the option of Redirect. d. In the Identity Provider Single Sign On URL field, copy the Sign-in Page URL value from SAM s Cloud Configuration window retrieved in step 0 of the Identity Provider Configuration section. e. In the NameID Format choose Unspecified. Page 5 of 10

f. In the Authentication Request Security choose None. g. In the Response section, choose Post. h. In the Authentication Response Security choose None. i. In the Certificates section, choose to upload the Identity Provider Certificate. Choose the certificate that has been exported from SafeNet Authentication Manage configuration manager in step 5 of the Identity Provider Configuration section. Click Save. Next diagram is an example of the completed fields in the AirWatch console. 9. Click Save. 10. Select the User tab from the top bar. The User Options window appears. 11. In the Username field, change the value to uid. 12. Click Save. SafeNet Authentication Manager is now set as an Identity Provider in AirWatch. Page 6 of 10

Configuring SafeNet Authentication Manager to use SAML based User Federation SafeNet Authentication Manager\s Token Policy Object (TPO) policies include Application Authentication Settings for SAML service providers. These settings are used by SafeNet Authentication Manager s external portal to communicate with service providers. NOTE See SafeNet Authentication Manager (version 8.2) Administrator s Guide for general portal configuration. Edit the TPO policies for SafeNet Authentication Manager s portal configuration by following these steps: 1. Open the Token Policy Object Editor for the appropriate group. See the SafeNet Authentication Manager (version 8.2) Administrator s Guide for more information. The Token Policy Object Editor window opens. 2. In the left pane, go to Protected Application Settings > User Authentication. Policies are displayed in the right pane. 3. In the right pane, double-click Application Authentication Settings. The Application Authentication Settings Properties window opens. Page 7 of 10

4. Select Define this policy setting, and select Enabled. 5. Click Definitions.The Application Authentication Settings window opens. 6. In the left pane, right click Application Authentication Settings, and from the dropdown menu, select Create a new profile. A new profile is created. 7. In the left pane, right click the new profile, and from the dropdown menu, select Rename. 8. Rename the profile AirWatch, and select it. The profile s policies are displayed in the right pane. 9. In the right pane, double-click the following policies, and enter the appropriate information: a. Application Issuer: Enter the AirWatch s Service Provider ID value that was entered in step 8 a on page 5. b. Application s login URL: Enter https://<airwatch_service_url>/airwatch/saml/assertionservice.ashx?binding=httppost replacing <AirWatch_service_url> with the URL of your AirWatch service. c. User mapping: Set to the field in your user repository that identify your AirWatch login name. Page 8 of 10

d. Enable the appropriate authentication methods for your organization. See the SafeNet Authentication Manager (Version 8.2) Administrator s Guide for information about authentication methods. The following is an example of completed fields in the Application Authentication Settings window: 10. Click OK until all of the TPO Editor windows will be closed. Page 9 of 10

Running the Solution The user logs on to AirWatch Administrator s console using SAML authentication and with SafeNet Authentication Manager. To log on to the organization s AirWatch environment follow these steps: 1. Browse to https:// <AirWatch_service_url>/airwatch/login?GID=<Group_ID> replacing <AirWatch_instance_name> with the URL of the organization s AirWatch service and <Group_ID> with the group ID of the organization (Can be found using the Admin console: Menu > Configuration > Organization Group > Group ID field). 2. User will be redirected to SafeNet Authentication Manager s external portal s authentication page. 3. Enter your SafeNet Authentication Manager authentication credentials, and click OK. 4. You are logged on to your AirWatch account. Page 10 of 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information