AVG Business Secure Sign On Active Directory Quick Start Guide

The steps below walk through downloading and registering the AVG Business SSO Cloud Connector so that Active Directory users can be given SaaS application access and mobile device management.

Overview

The Business SSO identity platform requires an identity repository for storing data about your organization's users and mobile devices. You can use either or both of the following:

Active Directory: The Business SSO identity platform securely connects to your existing Active Directory infrastructure through the Business SSO cloud connector to authenticate users when they log in to the web portals and enroll a device. The Business SSO identity platform does not replicate Active Directory accounts or attributes in the identity platform.

Business SSO user service: The Business SSO identity platform includes this built-in identity repository. When you select this option, the Business SSO identity platform uses the Business SSO user service account to authenticate users and, if you are using the Business SSO identity platform for mobile device management, to store the enrolled device records.

If you are not already using Active Directory, you can get started right away with the Business SSO user service. You can create user accounts individually or use the bulk-import feature to import a set of users from a CSV or Excel file. If your organization is heavily invested in Active Directory, you can continue to use it as your primary identity store and use the same tools (for example, Active Directory Users and Computers) to manage users and mobile devices.
When you use Active Directory, your users enter their Active Directory credentials to log in to the Business SSO user portal and enroll devices.

You can also use both identity stores at the same time. For example, even if Active Directory is your primary identity store, the Business SSO user service can provide a convenient supplemental repository for the following types of users:

Emergency administrators: If the connection to the Active Directory domain controller is ever lost, no one who has only an Active Directory account can log in. If you create administrator accounts in the Business SSO user service, those users can still log in to Cloud Manager and the Business SSO user portal and launch web applications.

Temporary users: If you have temporary users (for example, customers, contractors, and partners) who need to run your web applications, it may be easier and less risky to add them as Business SSO user service accounts rather than Active Directory accounts.

Using the Active Directory and Business SSO user service ID repositories

The Business SSO identity platform can use both Active Directory and Business SSO user service accounts to authenticate users. You must have the cloud connector installed to use Active Directory accounts. When the identity platform receives an authentication request, it checks the ID repositories for the account name in the following order:

1. Business SSO user service user by name
2. Active Directory user by name
3. Active Directory user by email
4. Business SSO user service user by email

Because the Business SSO user service is checked first, a user service account whose login name matches an Active Directory account takes precedence over the Active Directory account, so keep the two sets of names distinct.
In addition, the Business SSO identity platform uses the contact information in Active Directory or in the cloud accounts to contact users when multifactor authentication is enabled for logging in to Cloud Manager, the Business SSO user portal, and applications that are configured for strong authentication. If the contact information is wrong, the user cannot complete the multifactor challenge and cannot log in, so verify phone numbers and email addresses before enabling it.

Installing Business SSO cloud connectors and administrator consoles

This document explains how to use the Business SSO Cloud Management Suite installation wizard for the following purposes:
- To install a Business SSO cloud connector for authenticating identity platform users with an Active Directory account.
- To create administrator consoles for identity platform administrators. These let you use Active Directory Users and Computers to manage identity platform users and enrolled devices, and the Group Policy Management Editor to create group policy objects for mobile device policies.

You need to install these components only if you are using Active Directory accounts to authenticate identity platform users. (Active Directory user accounts and attributes are not replicated in the Business SSO identity platform.)

Requirements
To install and configure a Business SSO cloud connector you need the following:

Business SSO Cloud Management Suite installer
This program installs the cloud connector, the Active Directory and group policy console extensions, and the Business SSO Cloud Connector Configuration Program. To get the installer, open Cloud Manager, click Settings, click Cloud Connectors, and click Add cloud connector. Repeat this procedure every time you install a cloud connector so that you get the latest version.

Host computer joined to the domain
You install the Business SSO cloud connector on a Windows computer to establish the communications link between the Business SSO identity platform and your Active Directory domain controllers. If you are referencing accounts in an Active Directory tree or forest, the cloud connector host can be joined to any domain in the tree (it does not need to be the root domain), but that domain must have two-way, transitive trust relationships with the other domains. Refer to the help section below on Supporting user authentication for multiple domains for the details. This computer must be on your internal network and meet or exceed the following requirements:
- Windows Server 2008 R2 or newer (64-bit only) with 8 GB of memory, of which 4 GB should be available for the cloud connector's cache functions.
- Internet access, so that it can reach the Business SSO identity platform.
- The Baltimore CyberTrust Root CA certificate installed in the Local Machine Trusted Root Certification Authorities store.
- Microsoft .NET Framework 4.5 or later; if it isn't already installed, the installer installs it for you.
- A server or server-like computer that is always running and reachable.

User account with the proper Active Directory and identity platform permissions
To install the Business SSO cloud connector, the user account must have the Active Directory Modify Permissions permission. Refer to the help section below on Required Active Directory permissions to install the cloud connector for the details. To register the cloud connector in your identity platform account, you must be a member of the sysadmin role or of a role that has the Register Cloud Connectors permission.

Web proxy server (optional)
If your network is configured with a web proxy server that you want to use to connect to the Business SSO identity platform, you specify this server during installation. The web proxy server must support HTTP/1.1 chunked encoding.

Firewall settings
Configure your firewall to allow outbound traffic to the following destinations:

Port  Resource
443   *.sso.avg.com
443   *.windows.net
80    www.public.trust.com
80    mscrl.microsoft.com
80    privacy-policy.truste.com
80    ocsp.verisign.com

Several of the port 80 destinations are certificate revocation (CRL and OCSP) services; if they are blocked, TLS connections from the connector can fail or stall at certificate validation even though port 443 is open.
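As an added example (not part of the AVG guide or the connector software), the following PowerShell script checks a candidate host against the requirements and firewall list above before you run the installer. It assumes PowerShell 3.0 or later on the host, takes the .NET 4.5 registry value and the Baltimore CyberTrust Root thumbprint from Microsoft's public documentation, and uses sso.avg.com as a stand-in for the *.sso.avg.com wildcard; it reads system state only and changes nothing.

```powershell
# Added example (not part of the AVG guide): read-only pre-flight check of a
# candidate cloud connector host against the requirements listed above.
# Assumes PowerShell 3.0 or later. The .NET "Release" registry value and the
# Baltimore CyberTrust Root SHA-1 thumbprint are taken from Microsoft's public
# documentation; sso.avg.com stands in for the *.sso.avg.com wildcard.

$Results = New-Object System.Collections.ArrayList
function Add-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    [void]$Results.Add([pscustomobject]@{ Check = $Name; Pass = $Pass; Detail = $Detail })
}

$os = Get-CimInstance Win32_OperatingSystem
$cs = Get-CimInstance Win32_ComputerSystem

# Windows Server 2008 R2 is NT 6.1. ProductType 1 = workstation,
# 2 = domain controller, 3 = member server (a DC is for test/evaluation only).
$osOk = ([version]$os.Version -ge [version]'6.1') -and
        ($os.OSArchitecture -like '64*') -and ($os.ProductType -ne 1)
Add-Check 'Windows Server 2008 R2 or newer, 64-bit' $osOk "$($os.Caption) $($os.Version) $($os.OSArchitecture)"
Add-Check 'Member server (not a domain controller)' ($os.ProductType -eq 3) "ProductType=$($os.ProductType)"

# Firmware reserves a little memory, so a nominal 8 GB host reports slightly less.
$ramGb = [math]::Round($cs.TotalPhysicalMemory / 1GB, 1)
Add-Check 'At least 8 GB of memory' ($ramGb -ge 7.5) "$ramGb GB reported"

Add-Check 'Joined to an Active Directory domain' $cs.PartOfDomain "Domain=$($cs.Domain)"

# .NET 4.5 and later write Release >= 378389 under the v4\Full key.
$rel = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue).Release
Add-Check '.NET Framework 4.5 or later' ($rel -ge 378389) "Release=$rel"

# Match the root CA by thumbprint rather than by subject name so that a
# look-alike certificate in the machine store does not pass the check.
$baltimore = 'D4DE20D05E66FC53FE1A50882C78DB2852CAE474'
$root = Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Thumbprint -eq $baltimore }
Add-Check 'Baltimore CyberTrust Root in LocalMachine\Root' ($null -ne $root) $(if ($root) { $root.Subject } else { 'not found' })

# Outbound reachability for the firewall list above. A direct TCP connect is
# only meaningful when no web proxy is in the path; with a proxy, test the proxy.
# *.windows.net (Azure Service Bus) is not probed because its hostname is not fixed.
$endpoints = @(
    @{ Host = 'sso.avg.com';               Port = 443 },
    @{ Host = 'www.public.trust.com';      Port = 80 },
    @{ Host = 'mscrl.microsoft.com';       Port = 80 },
    @{ Host = 'privacy-policy.truste.com'; Port = 80 },
    @{ Host = 'ocsp.verisign.com';         Port = 80 }
)
foreach ($e in $endpoints) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $ar = $client.BeginConnect($e.Host, $e.Port, $null, $null)
        $ok = $ar.AsyncWaitHandle.WaitOne(5000) -and $client.Connected
        $detail = if ($ok) { 'connected' } else { 'timeout or refused' }
    } catch {
        $ok = $false; $detail = $_.Exception.Message
    } finally {
        $client.Close()
    }
    Add-Check "Outbound TCP to $($e.Host):$($e.Port)" $ok $detail
}

$Results | Format-Table -AutoSize
if ($Results | Where-Object { -not $_.Pass }) {
    Write-Warning 'One or more prerequisites are not met; fix them before running the installer.'
}
```

Run it in an elevated PowerShell session on the intended host. Every row of the table should show Pass = True before you start the installer; failed outbound checks on a network that routes through a web proxy are expected, since the script tests direct connections.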
If your organization's outbound firewall rules are based on IP address whitelisting, you also need to add the Microsoft Windows Azure Service Bus service to the whitelist. Get the most current list of IP addresses from www.microsoft.com/en-us/download/details.aspx?id=41653

Steps to set up Active Directory

1. Log in to the AVG Business SSO Cloud Manager portal at https://sso.avg.com/manage using the administrator account provided by email. Having trouble logging in? Use the "Forgot your password?" link in the login window.

If you use Active Directory in your own organization, we recommend that you set it up internally for your own use first. To set up Active Directory for your own organization, skip step 2 and proceed to step 3. To set up Active Directory for your customers, proceed to step 2.

2. Adding new customers
a. Add a new customer in the portal by clicking Customers > Create Customer.
The newly created customer now appears in your customers list. Log in as the customer by selecting the check box next to the customer's name and clicking Actions > Login.

3. Create a new admin user for the Active Directory cloud connector
Whenever a new customer is created, a default administrator user named mspadmin@domainsuffix is created for that customer. This user is a system administrator and has all the rights required to set up Active Directory. Important: do not use this default account for the connector. Create a new user with a descriptive name such as CloudConnectorUser@domain.com and set up AD with that user's credentials; the user you create must be added to the System Administrator role. A dedicated account makes it clear which account registered the connector and lets you disable it or rotate its credentials without touching the default administrator account. To see how to add roles and users, refer to the SSO getting started guide.
4. Add the Active Directory login suffix (skip this step and go to step 5 if the user has been assigned a role with the Register Cloud Connector permission)
a. The login suffix is the part of the login name that follows the @. For example, if the login name is bob.jones@acme.com, the login suffix is acme.com. The login suffix tells the identity platform which ID repository holds the user's account when the user logs in to the identity platform portals or enrolls a device. If a login suffix is not listed on this page, users with that suffix cannot be authenticated. For users with Active Directory accounts, you must add the login suffixes of their domains before those users can log in to Cloud Manager or the Business SSO user portal and enroll a device.
b. To add a login suffix, first note the Active Directory login suffix (the UPN suffix) for your users. You can see it by opening Active Directory Users and Computers and opening a user's properties.
c. Click Settings > Login Suffix > Add.
d. Enter the suffix you noted from Active Directory Users and Computers and click Save. The newly added suffix now appears in the list of login suffixes.
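As an added example (not part of the AVG guide), the following PowerShell script, run on a domain-joined machine that has the ActiveDirectory RSAT module, lists the UPN suffixes registered in the forest and the suffixes actually in use by enabled users in every domain, which is the information step 4 asks you to note from Active Directory Users and Computers. It goes beyond clicking on a single user: it covers multi-domain forests and flags accounts with no UPN, which cannot log in as user@suffix. It only reads from the directory; the output wording is illustrative.

```powershell
# Added example (not part of the AVG guide): enumerate login (UPN) suffixes to
# add under Settings > Login Suffix. Read-only; requires the ActiveDirectory
# module (RSAT) and read access to each domain in the forest.
Import-Module ActiveDirectory

$forest = Get-ADForest
# Suffixes a user can be assigned: the DNS name of every domain in the forest
# plus any alternative UPN suffixes registered in AD Domains and Trusts.
$registered = @($forest.Domains) + @($forest.UPNSuffixes) | Sort-Object -Unique

# Get-ADUser queries one domain at a time, so walk every domain in the forest
# (the connector host only needs a two-way transitive trust to reach them).
$users = foreach ($domain in $forest.Domains) {
    Get-ADUser -Server $domain -Filter { Enabled -eq $true } -Properties UserPrincipalName
}

$withUpn = $users | Where-Object { $_.UserPrincipalName }
$noUpn   = $users | Where-Object { -not $_.UserPrincipalName }

# Group enabled users by the part of the UPN after the @.
$inUse = $withUpn |
    ForEach-Object { ($_.UserPrincipalName -split '@')[-1].ToLower() } |
    Group-Object | Sort-Object Count -Descending

"Registered UPN suffixes in forest $($forest.Name):"
$registered | ForEach-Object { "  $_" }

"Suffixes in use by enabled users (each must be added under Settings > Login Suffix):"
$inUse | ForEach-Object { "  {0,-35} {1,6} users" -f $_.Name, $_.Count }

# A suffix that is in use but not registered usually means a stale or
# hand-edited UPN; decide whether to fix the accounts or add the suffix.
$unregistered = $inUse | Where-Object { $registered -notcontains $_.Name }
if ($unregistered) {
    "Suffixes in use but not registered in the forest:"
    $unregistered | ForEach-Object { "  $($_.Name)" }
}

# Accounts without a UPN cannot sign in as user@suffix; list a sample to fix.
if ($noUpn) {
    "$(@($noUpn).Count) enabled users have no UPN and cannot log in as user@suffix:"
    $noUpn | Select-Object -First 20 SamAccountName, DistinguishedName | Format-Table -AutoSize
}
```

Every suffix reported under "in use" needs an entry in Cloud Manager before users with that suffix can log in; a suffix reported as in use but not registered should be investigated rather than added blindly.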
5. Download the Cloud Connector
The administrator now needs to download the AVG Business SSO Cloud Connector. The download link is available in the Cloud Manager portal under Settings > Cloud Connectors > Add cloud connector.

6. Install the cloud connector on any member server running Windows Server 2008 R2 or higher. The connector does not need to be installed on a domain controller; install it on one only for testing or evaluation.
7. Run the Configuration Wizard
After the cloud connector installation is complete, the Cloud Connector Configuration wizard runs automatically. Enter the credentials of the administrator user you set up in step 3 to continue.
At this stage you might see several warnings; these can be ignored. After completing the installation, confirm that the newly installed connector is visible in Cloud Manager under Settings > Cloud Connectors. The Forest shown for the connector should match the login suffix you entered from Active Directory Users and Computers.
Verify that Active Directory has been set up

Before adding additional apps, roles or policies in Cloud Manager, verify that both Active Directory and cloud-based users can be invited and can log in to the AVG Business SSO User portal. A successful login is required before users can access SaaS applications or enroll mobile devices. To invite Active Directory users, click Users > Invite User. In the dialog box that opens you now see an additional Active Directory entry under Source, which is checked by default. To invite users, start typing the name of the AD user and it appears in the user list. By default, all Active Directory users have login rights to https://sso.avg.com/my to access provisioned applications and to manage mobile devices and account contact information. Users simply log in with their full AD user name or email address and their password.
Cloud-based user accounts (CUS) must be members of the "Everybody" role. This option is enabled by default when creating new cloud-based user accounts, but an administrator can disable it.

Congratulations! You now have a fully functioning cloud tenant that can manage both cloud and AD users and provide access to SaaS applications, mobile device management and policy controls.