InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x



Similar documents
inforouter V8.0 Server Migration Guide.

Administrator s Upgrade Guide.

HGC SUPERHUB HOSTED EXCHANGE

Using Internet or Windows Explorer to Upload Your Site

Migrating helpdesk to a new server

Install SQL Server 2014 Express Edition

SecureAware on IIS8 on Windows Server 2008/- 12 R2-64bit

Application Note. ShoreTel 9: Active Directory Integration. Integration checklist. AN June 2009

Installing LearningBay Enterprise Part 2

IIS, FTP Server and Windows

Alert Notification of Critical Results (ANCR) Public Domain Deployment Instructions

Cloud Services ADM. Agent Deployment Guide

Scan to Quick Setup Guide

IMPLEMENTING DIRECTORY SERVICES INTEGRATION WITH HELIX MEDIA LIBRARY Revision Date: September 2014

NT Authentication Configuration Guide

Implementing Microsoft SQL Server 2008 Exercise Guide. Database by Design

Authentication Methods

McAfee One Time Password

How to Access Coast Wi-Fi

CRM Migration Manager for Microsoft Dynamics CRM. User Guide

Setup guide. TELUS AD Sync

FTP, IIS, and Firewall Reference and Troubleshooting

Active Directory Authentication Integration

Using Microsoft Windows Authentication for Microsoft SQL Server Connections in Data Archive

Quick Scan Features Setup Guide

OTP Server. Integration module. Nordic Edge AD Membership Provider for Microsoft ASP.NET. Version 1.0, rev. 6. Nordic Edge

Active Directory Management. Agent Deployment Guide

LearningServer Portal Manager

NovaBACKUP xsp Version 15.0 Upgrade Guide

CREDENTIAL MANAGER IN WINDOWS 7

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

Configure Single Sign on Between Domino and WPS

Active Directory Integration

Installation and Upgrade Guide

SCADA Security. Enabling Integrated Windows Authentication For CitectSCADA Web Client. Applies To: CitectSCADA 6.xx and 7.xx VijeoCitect 6.xx and 7.

Configuring the Active Directory Plug-in

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Setting Up the Device and Domain Administration

Issue Tracking Anywhere Installation Guide

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR EROOM

NTP Software File Auditor for Windows Edition

Security Assertion Markup Language (SAML) Site Manager Setup

Migrating MSDE to Microsoft SQL 2008 R2 Express

INSTALLATION GUIDE V2.1 (DRAFT)

Configuring EPM System for SAML2-based Federation Services SSO

Table of Contents. FleetSoft Installation Guide

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation

OneLogin Integration User Guide

ADFS Integration Guidelines

HP Device Manager 4.6

To install Multifront you need to have familiarity with Internet Information Services (IIS), Microsoft.NET Framework and SQL Server 2008.

Immotec Systems, Inc. SQL Server 2005 Installation Document

Active Directory Requirements and Setup

1 of 10 1/31/2014 4:08 PM

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual

Note that if at any time during the setup process you are asked to login, click either Cancel or Work Offline depending upon the prompt.

PRiSM Security. Configuration and considerations

SonicWALL CDP 5.0 Microsoft Exchange User Mailbox Backup and Restore

WhatsUp Gold v16.1 Installation and Configuration Guide

HOW TO CONFIGURE SQL SERVER REPORTING SERVICES IN ORDER TO DEPLOY REPORTING SERVICES REPORTS FOR DYNAMICS GP

Mixed Authentication Setup

Census. di Monitoring Installation User s Guide

Millennium Drive. Installation Guide

MadCap Software. Upgrading Guide. Pulse

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

Configuring Active Directory with AD FS and SAML for Brainloop Secure Dataroom Setup Guide

Configuring Global Protect SSL VPN with a user-defined port

EMR Link Server Interface Installation

System Administration Training Guide. S100 Installation and Site Management

Installation Guide ARGUS Symphony 1.6 and Business App Toolkit. 6/13/ ARGUS Software, Inc.

Connecting to Remote Desktop Windows Users

Eylean server deployment guide

Single Sign-On Guide for Blackbaud NetCommunity and The Patron Edge Online

OrgPublisher EChart Server Setup Guide

OUTLOOK ANYWHERE CONNECTION GUIDE FOR USERS OF OUTLOOK 2010

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Connecting to Delta College Exchange services off-campus

Setup and configuration for Intelicode. SQL Server Express

VERALAB LDAP Configuration Guide

Polar Help Desk Installation Guide

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

Created by Hotline Support Konica Minolta Hotline Support (UK) V1.2

Getting Started with AD/LDAP SSO

DIGIPASS Pack for Citrix on WI 4.5 does not detect a login attempt. Creation date: 28/02/2008 Last Review: 04/03/2008 Revision number: 2

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

Configuring a Windows 2003 Server for IAS

SAS 9.3 Foundation for Microsoft Windows

Swyx Trace Tool Server Installation

Setting up Hyper-V for 2X VirtualDesktopServer Manual

NETASQ SSO Agent Installation and deployment

CA Nimsoft Service Desk

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

Microsoft SQL Server Staging

Configuring User Identification via Active Directory

Monitoring Oracle Enterprise Performance Management System Release Deployments from Oracle Enterprise Manager 12c

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

Use Enterprise SSO as the Credential Server for Protected Sites

Transcription:

InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x Active Innovations, Inc. Copyright 1998 2015 www.inforouter.com

Installing the LDAP Authentication Web Service Introduction: All users must have a valid account to access inforouter. Access to document libraries, folders and documents are all subject to security. By default, such access is controlled by the inforouter authentication and security system. In addition to this built- in authentication system, inforouter also provides support for LDAP by integrating directly into the Active Directory system to authenticate inforouter users. To achieve this, you must install the LDAP Authentication Web Service to a server on your network. This server could be the inforouter machine itself or another server. The server you choose to install this web service must be a part of the domain you are trying to authenticate against. If you use more than on LDAP server, you must install this web service on multiple machines or create multiple websites (or virtual directories) for each LDAP server you wish to use. Summary of events: You will create a website or virtual directory to perform the authentication from LDAP You will configure this web service to point to the LDAP Domain Finally, you will configure inforouter to connect to this web service to make authentication calls.

Installing the LDAP Authentication Web Service The website or virtual directory contents are supplied in a folder called LDAP Authentication Web Service. This folder is located in the PROGRAM SETUPS folder under the inforouter installation directory. C:\inforouter\programsetups\LDAP Authentication Web Service You must use the contents of this directory to create a website or a virtual directory that will be accessed by inforouter to authenticate LDAP users. To do this, perform the following: 1) Copy the contents shown above into a folder which will become the working directory for the website or virtual directory you are about to create. 2) Using the IIS Manager tool, create a website or virtual directory on the inforouter server or some other server on the network. 3) Give the website or virtual directory a name like IRAuthenticationSrv 4) Make the working directory of the website the folder you created in step 1. 5) Edit the file called Web.config in the working directory using Notepad.exe to enter the actual LDAP Domain Name.

Installing the LDAP Authentication Web Service The web.config file should look like the sample below: <appsettings> <add key="authenticationmethod" value="adsi"/> <! replace ACME with your domain name- - > <add key="domainname" value="acme"/> </appsettings> In the above sample, users will be authenticated against a domain called ACME. Change ACME with your actual domain name. Remember: Domain names are case- sensitive The expected value here is a domain name and NOT a server name or IP address. The value for the parameter called AUTHENTICATIONMETHOD can be either ADSI or SSPI The ADSI method uses.net objects. It can be slow at times but returns descriptive error messages and can be run in X64 mode on IIS. The SSPI method is the old fashion low- level windows API implementation. SSPI is very fast and scalable but runs only in 32 bit IIS mode. Unfortunately, the SSPI method does not return descriptive error messages in cases where the Primary or the Backup domain controllers are not available or operational. Other common problems are also not adequately reported using this method. We recommend the use of the ADSI method on X64 machines. The ADSI method is the default setting.

Configuring inforouter to use the LDAP Authentication Web Service Now that you have installed the inforouter LDAP Authentication Web Service, you must configure inforouter to use this web service for authentication. Notice that before configuring inforouter, the user properties window will look like the following: Notice that the only option for Authentication Type is inforouter. Follow the instructions below to configure inforouter to use the LDAP Authentication Web Service: The way to define the existence of such a service or services to inforouter is to create a few entries in the inforouter Web Application Configuration (Web.config) file. This file is located in a path such as the following (depending on which drive you installed inforouter): C:\inforouter\site\web.config Or D:\inforouter\site\web.config Or E:\inforouter\site\web.config

Configuring inforouter to use the LDAP Authentication Web Service The following sample demonstrates how this declaration is done in the inforouter web.config file. Edit the web.config file and enter the following keys into the <appsettings> section of the web.config file. <appsettings>... <add key="authenticationauthorities" value="acme"/> <add key="acme" value="http://acmesrv/irauthenticationsrv/irauthenticationsrv.asmx"/>... </appsettings> In the above sample, your LDAP domain is called ACME. If you have more than one LDAP server with different user sets, then the web.config settings should look like the following: A separate key for each NT Domain server is required to identify the web service application that performs the authentication service. <appsettings>... <add key="authenticationauthorities" value="acme,xyz"/> <add key="acme" value="http://acmesrv/irauthenticationsrv/irauthenticationsrv.asmx"/> <add key="xyz" value="http://xzysrv/irauthenticationsrv/irauthenticationsrv.asmx"/>... </appsettings> In the sample above you have two LDAP servers and they are called ACME and XYZ. Accordingly, when inforouter needs to authenticate a user from the ACME domain server, it will ask a server called ACMESRV if the user credentials for the user match what was entered by the user at the inforouter login screen. Similarly, when a user from the XYZ domain attempts to log in to inforouter, inforouter will ask a server called XYZSRV to verify the user credentials. This web service application was developed to support authentication from multiple domains. So if you have multiple domains within the same organization but a single instance of inforouter to support all users, install this web service to as many domains as required.

Configuring inforouter to use the LDAP Authentication Web Service Once you make the edits to the web.config file and display the user properties of any given user, the screen will look like the following: Notice that the screen now allows you to choose an Authentication type and inforouter is no longer the only option. ACME appears as an alternative authentication source. For each user you wish to authenticate from this new authentication source, you must edit their user profiles to change the authentication type to the new source. Now that you have installed the LDAP Authentication Web Service and configured inforouter, you should be able to authenticate a user from the defined LDAP server.

Configuring inforouter to use the LDAP Authentication Web Service Perform the following to test the configuration: 1. Login to inforouter as the SYSADMIN 2. Navigate to the inforouter Control Panel 3. Click on the Manage Users link. 4. Define a new user or edit the user profile of an existing user. 5. This user must have a valid LDAP Account (Same user id in inforouter and LDAP). 6. Make sure to choose the LDAP domain name in the Authentication Type field. 7. The password you specify at this point does not matter. The LDAP password is the one that will be used. Make up a password which will essentially be ignored by inforouter. 8. Save the user profile. 9. Logout 10. Navigate back to inforouter and click on the Member Login link 11. Specify the user name and password (LDAP password) of the account you just edited and click ok. You should be able to login using the user id and password as it was defined in LDAP. If for some reason you cannot login, refer to the troubleshooting section in the following pages.

Troubleshooting Try navigating to inforouter and logging in with an LDAP user id and password. Make sure that this user has been marked as LDAP Authenticated in inforouter. In this case the authentication type should read ACME in the user properties screen. If this user cannot be authenticated, there could be two possible reasons. Possible Reason 1: The LDAP authentication service has not been configured correctly. To test this, try the following: Launch a browser window and type the URL of the inforouter Authentication Web Service you just installed. The URL should be something like this: http://<servername>/<irauthenticationservicevirtualdir>/irauthenticationsrv.asmx <servername> is the name of the server where the service was installed <irauthenticationservicevirtualdir> is the virtual directory to which you installed the service. You should see a screen like this. Click on the AuthenticateUser link

Troubleshooting Enter the User Name and Password of the LDAP Authenticated user and click Invoke The service may respond in two ways: TRUE and FALSE Both are OK. If the server indicates that the user is unknown or bad password, this means that the service is running ok. Try typing in the user id and password again making sure to enter them both correctly.

Troubleshooting If the server indicates TRUE for the success parameter and nothing for the Error parameter then the user can be authenticated correctly using this server. In any case, if you get one of the above responses from this service, this will mean that the service has been configured correctly. If you can authenticate a user id and password correctly using this screen but cannot authenticate from inforouter, try looking into possible reason 2. Possible Reason 2: This is the case where the inforouter server has not been properly configured to call the correct authentication service. To check this, navigate to the web.config file located in the c:\inforouter\site directory. Remember to do this on the inforouter web server. Edit the web.config file with the Notepad application You should see a section in the <appsettings> section such as the following: <appsettings>... <add key="authenticationauthorities" value="acme"/> <add key="acme" value="http://acmesrv/irauthenticationsrv/irauthenticationsrv.asmx"/>... </appsettings> Make sure that the URLs are typed in correctly. A good way to make sure that the URL is valid is to copy the entire URL in the value field and paste it into a browser window. Make sure that you can successfully access the authentication server.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information