Acano Solution 1.1. Multi-tenancy Considerations. Acano. April 2014 76-1024-02-B



Similar documents
Configuring User Identification via Active Directory

Configuring Steel-Belted RADIUS Proxy to Send Group Attributes

SCOPTEL WITH ACTIVE DIRECTORY USER DOCUMENTATION

Acano solution. Third Party Call Control Guide. March E

Protected Trust Directory Sync Guide

Acano solution. Acano Manager R1.1 FAQs. Acano. December G

Nexio Insight LDAP Synchronization Service

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

SharePoint AD Information Sync Installation Instruction

Administration: Users and Roles

Active Directory Syncing

Matrix Technical Support Mailer 33 COSEC Integrate (Import from Active Directory)

Active Directory Integration

How to configure the Panda GateDefender Performa explicit proxy in a Local User Database or in a LDAP server

WHMCS LUXCLOUD MODULE

Quality Center LDAP Guide

Installation and Configuration Guide

Cloudwork Dashboard User Manual

Acano Solution. Acano Manager Release Release Notes. June O

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Getting Started with Clearlogin A Guide for Administrators V1.01

Basic Configuration. Key Operator Tools older products. Program/Change LDAP Server (page 3 of keyop tools) Use LDAP Server must be ON to work

To enable an application to use external usernames and passwords, you need to first configure CA EEM to use external directories.

Brivo Directory Agent. User Guide

Integrating LANGuardian with Active Directory

SonicWALL Security Quick Start Guide. Version 4.6

User Management Guide

Matrix Technical Support Mailer - 72 Procedure for Image Upload through Server in SATATYA DVR,NVR & HVR

Configuring Sponsor Authentication

CRM to Exchange Synchronization

Acano solution. Virtualized Deployment R1.1 Installation Guide. Acano. February B

LDAP Synchronization Agent Configuration Guide

Adobe Connect LMS Integration for Blackboard Learn 9

WatchDox Administrator's Guide. Application Version 3.7.5

Using LDAP Authentication in a PowerCenter Domain

Acano solution. Acano Clients v1.7 Getting Started Guide. June D

GreenRADIUS Virtual Appliance

OneLogin Integration User Guide

Avigilon Control Center System Integration Guide

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

Using Microsoft Windows Authentication for Microsoft SQL Server Connections in Data Archive

Mobile device management

User Management Tool 1.5

Acano Manager. Acano Manager is a single point of management for enterprise and Service Provider collaboration infrastructure.

User Guide. Voice Services Self Care Portal. Logging In. Welcome to the Self Care Portal

Integrating Webalo with LDAP or Active Directory

Configuring Integrated Windows Authentication for Oracle WebLogic with SAS 9.2 Web Applications

LDAP Synchronization Agent Configuration Guide for

Setting Up Scan to SMB on TaskALFA series MFP s.

Active Directory Requirements and Setup

SCADA Security. Enabling Integrated Windows Authentication For CitectSCADA Web Client. Applies To: CitectSCADA 6.xx and 7.xx VijeoCitect 6.xx and 7.

PineApp Surf-SeCure Quick

How to configure the TopCloudXL WHMCS plugin (version 2+) Update: Version: 2.2

Integrating Trend Micro OfficeScan 10 EventTracker v7.x

Defender Configuring for Use with GrIDsure Tokens

Remote Access to Embedded WEB by NAT Port Forwarding

Managing User Accounts

Your Question. Net Report Answer

HP Device Manager 4.6

Sophos Mobile Control Installation guide

Synchronization Agent Configuration Guide

Administration Guide. WatchDox Server. Version 4.8.0

BusinessObjects Enterprise XI Release 2

Summary. How-To: Active Directory Integration. April, 2006

Phone Inventory 1.0 (1000) Installation and Administration Guide

Application Note. ShoreTel 9: Active Directory Integration. Integration checklist. AN June 2009

Active Directory Authentication Integration

Acano solution. Acano Client Troubleshooter. September J

Using LDAP for User Authentication

MadCap Software. Upgrading Guide. Pulse

Acano solution. Security Considerations. August E

SITRANS RD500 Configuring the RD500 with PSTN or GSM modems and Windows-based servers and clients for communication Objective:

LDAP Operation Guide

Field Description Example. IP address of your DNS server. It is used to resolve fully qualified domain names

Phone Manager Application Support OCTOBER 2014 DOCUMENT RELEASE 4.1 SAGE CRM

Flexible Identity. LDAP Synchronization Agent guide. Bronze. version 1.2

SWGFL Video Conferencing Service Registration of Endpoints. South West Grid for Learning. Version 1.1. Steve Cayley Ian White. Date: February 2004

Important Information

InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x

IIS, FTP Server and Windows

SOA Software API Gateway Appliance 7.1.x Administration Guide

Instant Chime for IBM Sametime High Availability Server Guide

Computer Services Documentation

Application Notes for MultiTech FaxFinder FFx40 Software version with Avaya IP Office 8.0 Issue 1.0

Integrating with IBM Tivoli TSOM

Administration Guide GroupWise Mobility Service 2.1 February 2015

Integrating Juniper Netscreen (ScreenOS)

QUANTIFY INSTALLATION GUIDE

System Administration Guide

Quick Start Guide Sendio Hosted

Product Guide Addendum. SafeWord Check Point User Management Console Version 2.1

Using LDAP with Sentry Firmware and Sentry Power Manager (SPM)

Group Management Server User Guide

How to Configure Active Directory based User Authentication

Application Note: Cisco Integration with Onsight Connect

TECHNICAL NOTE TNOI27

Polycom RealPresence Resource Manager System Getting Started Guide

Setting up Hyper-V for 2X VirtualDesktopServer Manual

AppWall SIEM Integration Guide

Transcription:

Acano Solution 1.1 Multi-tenancy Considerations Acano April 2014 76-1024-02-B

Contents Contents 1 Introduction 3 1.1 Multi-tenancy Basics... 3 2 Suggested Procedure 5 Appendix A Acano Multi-tenancy Configuration Example 6 Creating Tenants... 6 Creating an LDAP Server... 7 Creating an LDAP Mapping... 8 Creating an LDAP Source... 9 Performing an LDAP Sync to Import Users from Tenants... 11 Adding the Acano Core Server to Acano Manager... 12 Creating Users for Each Tenant in Acano Manager... 13 Creating cospaces... 13 Testing Multi-tenancy... 14 Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 2

Introduction 1 Introduction The Acano solution supports multi-tenancy; this refers to sub-dividing its capacity into a set of islands where each island has all of the functionality of the unit as a whole, but has no access to the resources (for instance users, cospaces, or active calls) of other tenants. For example, if users associated with a tenant search for a cospace, they only see cospaces associated with their own tenant. The multi-tenancy provision is through the Acano solution API. (For full details of features that support multi-tenancy see the Acano solution R1.1 API Reference Guide.) This document describes setting up multi-tenancy usage. Note: When using multi-tenancy, not every user or cospace (and therefore not every call) has to be associated with a tenant. 1.1 Multi-tenancy Basics Figure 1: Outline multi-tenancy process Note: The letters m to r show that the number of entries in each table is not necessarily the same; for example, there are likely to be several users per tenant. The Tenant table (see figure 1) is fundamental to multi-tenancy and therefore to all tenant operations. The API provides a number of operations for creating, modifying and deleting tenants. LDAP Sources can be associated with a tenant (but need not be). If an LDAP Source is associated with a tenant, then after the LDAP synchronization with that source any imported Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 3

Introduction LDAP (AD) users will also be associated with that tenant and if user cospaces are created as part of the process, they are also associated with the tenant. As a consequence, all calls made by these users, or for these cospaces are also associated with the tenant. Note: The cospace table may contain cospaces set up through the PC client not only those created through LDAP Server synchronization. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 4

Suggested Procedure 2 Suggested Procedure To provide multi-tenancy, follow these steps: 1. Set up your tenant table using the API POST operation for creating tenants (see the API Reference Guide). 2. Set up the LDAP Servers, LDAP Mappings and LDAP Sources using the API. LDAP Server configuration provides location and authentication and is independent of multi-tenancy. Equally multi-tenancy does not necessarily require more than one LDAP Server if sub-ous or subdomains are associated with a particular tenant; clearly, the LDAP Source configuration must be configured appropriately. LDAP Mapping configuration defines the form of user account names created on synchronization and is independent of multi-tenancy. If the optional cospaceurimapping, cospacenamemapping and cospacecallidmapping parameters are provided, then a cospace will be created for every user who is created during synchronization. This is very powerful functionality is described in the API Reference Guide and is constantly under review. LDAP Source configuration defines which LDAP Source and LDAP mapping to use, the set of Active Directory users to consider for import and the filter pattern to apply in order to decide whether to import individual users. LDAP Sources can be associated with a tenant and therefore the API POST operation may need to contain a tenant id parameter if you are using multi-tenancy Note: Each user and cospace must be able to be dialed; that is, requires a unique URI. Therefore ensure that your LDAP Servers, LDAP Mappings and LDAP Sources are set up to make this happen. 3. Synchronize LDAP sources, either through the API or Web Admin Interface: POST operation on the "/ldapsyncs" node. See the API Reference for details. If the synchronization completed successfully the response will include a "Location" of the form "/api/v1/ldapsyncs/<ldapsync ID>". Log in to the Web Admin Interface, go to Configuration > Active Directory and click Sync now. Check that the synchronization completed successfully. For example, check the syslog to verify that the process completed without errors and check the Status > Users page in the Web Admin Interface to ensure that user names are as intended. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 5

Appendix A Acano Multi-tenancy Configuration Example This appendix assumes that you have followed the instructions in the appropriate Acano solution Installation Guide completely. If this is not the case, then do so now before following this example. In this example: Postman is used as the tool to access the API Acano Server Web Admin Interface IP address is192.168.1.101. Acano Manger IP address is 192.168.1.188. Active Directory Server IP address is 192.168.1.10 For full details of the API functionality see the Acano solution API Reference guide. Creating Tenants Creating is a POST operation on the /tenants node. 1. Create two tenants, tenant1 and tenant2: Perform two POST operations with the Post URL https://192.168.1.101/api/v1/tenants The body message is name=tenant1 for the first POST and then name=tenant2. If the POST operation is successful, 200OK status is seen as below. 2. Perform a GET operation as a check. Each tenant has its own tenant ID, as shown below Tenant1 ID = 2f582acb-e8d3-4813-895c-c139576c0403 Tenant2 ID = c79790e8-aa6d-4c8b-93a9-87664ee7d20b Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 6

Creating an LDAP Server Creating is a POST operation performed on the /ldapservers node. This example creates an LDAP server with the following: LDAP server address: 192.168.1.10 Port: 389 Username: cn=adsync, cn=users, dc=acanodemo, dc=com Passward: <password_of_user_adsync> 3. Perform a Post operation with the Post URL https://192.168.1.101/api/v1/ldapservers body message is address=192.168.1.10&portnumber=389&username=cn=adsync, cn=users, dc=acanodemo, dc=com&password=acano.123&secure=false If the POST operation is successful, a 200OK status is seen, as below. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 7

4. Perform a GET operation as a check. The LDAP server ID: LDAP server ID = 6c22b6ea-c1e5-4569-aaf6-7ae2a951b673 Creating an LDAP Mapping Creating is a POST operation on the /ldapmappings node. In this example the LDAP mapping will map: Display name: $cn$ Username: $samaccountname$@demo.acanodemo.com 5. Perform a Post operation with the Post URL https://192.168.1.101/api/v1/ldapmappings body message is jidmapping=$samaccountname$@demo.acanodemo.com&namemapping=$cn$ If the POST operation is successful, a 200OK status is seen, as below. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 8

6. Perform a GET operation as a check. LDAP mapping ID = 311f8a8f-51df-4b48-bedc-1ad793bf35f3 Creating an LDAP Source Creating is a POST operation on the /ldapsources node. This example creates an LDAP source for tenant1 with: LDAP Server ID: 6c22b6ea-c1e5-4569-aaf6-7ae2a951b673 LDAP Mapping ID: 311f8a8f-51df-4b48-bedc-1ad793bf35f3 Tenant1 ID: 2f582acb-e8d3-4813-895c-c139576c0403 BaseDn: ou=tenant1,dc=acanodemo,dc=com (create an OU=tenant1 and create users a1, a2 under it) Filter: objectclass=person See the Directory Information Tree below. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 9

7. Perform a Post operation with Post URL https://192.168.1.101/api/v1/ldapsources body message is server=6c22b6ea-c1e5-4569-aaf6-7ae2a951b673&mapping=311f8a8f-51df-4b48-bedc- 1ad793bf35f3&baseDN=ou=tenant1,dc=acanodemo,dc=com&filter=objectClass=person &tenant=2f582acb-e8d3-4813-895c-c139576c0403 If the POST operation is successful, a 200OK status is seen as below. 8. Perform a GET operation as a check. The LDAP Source has its ID. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 10

9. Create the second LDAP Source for tenant2 by following the steps above. 10. After performing a GET operation, you see the two LDAP Sources each with their own ID. Note: To import from a security group, see the Acano Solution Support FAQs. Performing an LDAP Sync to Import Users from Tenants 11. Perform a Post with Post URL https://192.168.1.101/api/v1/ldapsyncs and no body message. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 11

12. Verify the Sync operation by going to the Web Admin Interface Status > Users page. In this example, users a1 and a2 are tagged with tenant1 s ID, while users b1, b2 and b3 are tagged with tenant2 s ID. Adding the Acano Core Server to Acano Manager To add Acano Core Server to Acano Manager, follow the Acano Manager Installation Guide. You should then see tenant1 and tenant2 as Customers in the Customer List in Acano Manager. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 12

Creating Users for Each Tenant in Acano Manager To create user Admin1 for tenant1 and user Admin2 for tenant2 in Acano Manager follow these steps. 13. In the Acano Manager User List, click Add New, complete the User Details and save. 14. Repeat for the second user Creating cospaces 15. Log in on an Acano client as user a1. 16. Create a cospace called a1.cospace. 17. Login on an Acano client as user b1. 18. Create a cospace called b1.cospace. 19. Using Postman check that a1.cospace is tagged with tenant1, and b1.cospace is tagged with tenant2. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 13

Testing Multi-tenancy 20. Log in on an Acano client as a1, and join a1.cospace. 21. On a different Acano client, log in user b1 and join b1.cospace. 22. Log in to Acano Manager as Admin1 and go to Calls In Progress. You see the active call of tenant1 but not any call details associated with tenant 2. (Similarly, if you logged in to Acano Manager as Admin2, you would only see the active call of tenant2.) 23. Log in with the Global Admin account. You see all tenants calls, as below. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 14

Similarly, you can check the separation of other details such as Call Records. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 15

2014 Acano (UK) Ltd. All rights reserved. This document is provided for information purposes only and its contents are subject to change without notice. This document may not be reproduced or transmitted in any form or by any means, for any purpose other than the recipient s personal use, without our prior written permission. Acano and cospace are trademarks of Acano. Other names may be trademarks of their respective owners. Acano Solution: Multi-tenancy Considerations R1.1 76-1024-02-B Page 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information