IntelligenceBank - External Authentication

Active Directory Integration

Overview

The authentication process for validating a user using an external AD or LDAP provider is as follows.

1. The user accesses the login page for IntelligenceBank (IB) either via web or via the iPad app.
2. The IB server checks whether that user is to be authenticated via an external Active Directory or LDAP provider.
3. If so, the user's credentials are sent to the external AD or LDAP server and the response is received. The response data must include the user's email address, as stored in the IB server, as part of the returned information.
4. The IB server verifies the user's email address as provided by the AD or LDAP server and, if successful, the user receives the home page.
5. If the user is not validated by the AD or LDAP server, or is not verified by the IB server, then the user receives an 'Incorrect login credentials' message and remains on the login page.

Requirements and Additional Information

1. In order to be verified by the IB system, the user needs to have been created in the system. This is usually done by the users' IB administrator.
2. Currently there is no auto registration of users by means of an API from an AD or LDAP server. Currently there is no synchronization between the AD or LDAP server and the IB server.
3. Users in the IB system can be set to use either the external authenticator configured for their company, or to use the IB local login. This allows companies to have a mix of AD or LDAP authenticated users (e.g. for their internal users) and IB local login users (for their external partners).
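The decision logic of steps 2 to 5, as an added example that is not IntelligenceBank's code. The names `IBUser`, `external_login` and `fake_directory`, the `mail` attribute and the sample accounts are assumptions; the directory is a constructed stand-in that accepts empty-password binds, to show why the server must reject them before contacting AD or LDAP.

```python
from dataclasses import dataclass

DENIED = "Incorrect login credentials"   # same text for every failure (step 5)

@dataclass
class IBUser:                 # hypothetical record created by the IB administrator
    email: str
    external: bool            # True: AD/LDAP authenticator, False: IB local login

def external_login(users, bind, login, password):
    """Steps 2-5. Returns "home", "local" (hand over to IB local login) or DENIED."""
    login = login.strip().lower()
    user = users.get(login)
    if user is None:
        return DENIED         # no auto-registration: a directory account alone is not enough
    if not user.external:
        return "local"
    if not password:
        # A simple bind with an empty password is an unauthenticated bind
        # (RFC 4513 section 5.1.2); many servers answer "success" to it.
        return DENIED
    entry = bind(login, password)   # step 3: attributes on success, None on failure
    if entry is None:
        return DENIED
    mails = entry.get("mail", [])
    mails = [mails] if isinstance(mails, str) else mails
    if user.email.lower() not in {m.strip().lower() for m in mails}:
        return DENIED         # step 4: directory e-mail must match the IB record
    return "home"

def fake_directory(accounts):
    """Constructed stand-in for the AD/LDAP server: {login: (password, attributes)}."""
    def bind(login, password):
        stored = accounts.get(login.lower())
        if stored is None:
            return None
        # Models a server that accepts unauthenticated binds and allows the read.
        return stored[1] if password in ("", stored[0]) else None
    return bind
```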

Configuration

To use an external AD or LDAP server as an authentication source for accessing IntelligenceBank, the following configuration screen is provided in the administration section of IntelligenceBank. The above fields contain default data that needs to be changed according to the requirements of the AD or LDAP server. The important fields that need to be set correctly are:

Host: either the URL or IP address of the AD or LDAP server
Port: set this if the server uses a port other than 389, or if TLS or SSL is configured; these usually use a different port
TLS and SSL: whether either of these is required (make sure the port is correct)
Base DN: the base Distinguished Name. This is appended to the user's login name
Domain Name: the relevant domain name
Short Domain Name: an internal abbreviation for the domain name
Canonical Form: this is usually set to 3 for AD and 2 for LDAP

SAML Integration

Overview

IntelligenceBank currently provides two methods for authentication using the SAML protocol: two-legged, where the user accesses the IB server and is redirected to a SAML server for authentication, and one-legged, where the user is already validated on a SAML server and is automatically logged into IntelligenceBank. The two processes are outlined below.

Two Legged Authentication

1. In this process the user first accesses the IntelligenceBank server.
2. If the user is to be authenticated remotely, then the user is redirected to the SAML server configured for the company.
3. Once the user has successfully validated on the SAML server, she is redirected back to the IntelligenceBank server with a SAML assertion and user information.
4. The IntelligenceBank server verifies the SAML assertion and user information and, if successful, logs the user in and directs the user to the home page.

One Legged Authentication

1. In this process the user first logs in and accesses a server on her intranet. This process may differ according to the requirements of each company.
2. Upon clicking on a specific link she is redirected to the IntelligenceBank server along with a SAML assertion and relevant user information.
3. The IntelligenceBank server verifies the SAML assertion and user information and, if successful, logs the user in and directs the user to the home page.
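Added example, not IntelligenceBank's code: checks a receiving server typically applies to an assertion once its signature has been verified, showing that the two-legged flow can be tied to an outstanding request while the one-legged flow relies on the validity window and an assertion ID cache. All names, the use of NameID as the user's e-mail address and the sample assertion are assumptions; signature verification and hardened XML parsing are assumed to be done first by a vetted SAML library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"s": "urn:oasis:names:tc:SAML:2.0:assertion"}
FMT = "%Y-%m-%dT%H:%M:%SZ"

def check_assertion(xml_text, now, audience, pending, seen, emails, allow_one_legged=True):
    """Checks applied after signature verification; returns the e-mail or raises ValueError."""
    a = ET.fromstring(xml_text)
    cond = a.find("s:Conditions", NS)
    if cond is None or not cond.get("NotBefore") or not cond.get("NotOnOrAfter"):
        raise ValueError("missing validity window")
    start, end = (datetime.strptime(cond.get(k), FMT).replace(tzinfo=timezone.utc)
                  for k in ("NotBefore", "NotOnOrAfter"))
    if not start <= now < end:
        raise ValueError("outside validity window")
    if audience not in [e.text for e in cond.iterfind("s:AudienceRestriction/s:Audience", NS)]:
        raise ValueError("issued for another service")
    scd = a.find("s:Subject/s:SubjectConfirmation/s:SubjectConfirmationData", NS)
    request_id = scd.get("InResponseTo") if scd is not None else None
    if request_id is None:
        if not allow_one_legged:             # one-legged: no request to correlate with
            raise ValueError("unsolicited assertion not accepted")
    elif request_id in pending:
        pending.discard(request_id)          # two-legged: each request is answered once
    else:
        raise ValueError("answers no outstanding request")
    if not a.get("ID") or a.get("ID") in seen:
        raise ValueError("assertion replayed")
    seen.add(a.get("ID"))                    # keep until NotOnOrAfter has passed
    email = a.findtext("s:Subject/s:NameID", "", NS).strip().lower()
    if email not in emails:                  # user must already exist on the server
        raise ValueError("no such user")
    return email

def sample_assertion(aid, email, audience, start, end, request_id=None):
    """Constructed, unsigned test input."""
    irt = f' InResponseTo="{request_id}"' if request_id else ""
    return (f'<Assertion xmlns="{NS["s"]}" ID="{aid}"><Subject><NameID>{email}</NameID>'
            f'<SubjectConfirmation><SubjectConfirmationData{irt}/></SubjectConfirmation>'
            f'</Subject><Conditions NotBefore="{start}" NotOnOrAfter="{end}">'
            f'<AudienceRestriction><Audience>{audience}</Audience></AudienceRestriction>'
            f'</Conditions></Assertion>')
```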

Configuration

To use an external SAML server as an authentication source for accessing IntelligenceBank, the following configuration screen is provided in the administration section of IntelligenceBank. The above fields contain default data that needs to be changed according to the requirements of the SAML server. The important fields that need to be set correctly are:

Host: the specific URL of the page to access for the SAML authentication
Base64 Encoded: whether the certificate or certificate data is base64 encoded
Certificate Data: the certificate data for the SAML assertion
Organization Name: the name of the company or organization