VBrick Systems ETV v3.1 manual Using Single Sign-On

Page 47

Administration

Note The Softerra LDAP Browser 2.6 provides an Explorer-like LDAP client you can use to browse the LDAP tree. It is available for Windows only and can be downloaded free of charge from Softerra at http://www.ldapbrowser.com

Using Single Sign-On

If the LDAP server is Microsoft Active Directory, you can select Integrated Windows Authentication to enable "single sign-on." This means that once you login to your local network with your assigned credentials, you can open ETV Portal Server without re-entering your login credentials. ETV Portal Server uses your assigned credentials to authenticate and authorize your defined permissions within the application. When configuring for Integrated Windows Authentication, keep the following points in mind:

Integrated Windows Authentication is only valid when using LDAP Authentication with Microsoft Active Directory. ETV Portal Server enforces this as a business rule.

Integrated Windows Authentication only works seamlessly with Microsoft Internet Explorer browsers (Windows and Macintosh). When accessing ETV Portal Server, you will get a popup login window only if you have not previously logged in to the network.

When using Integrated Windows Authentication, all single-sign-on users must have an Active Directory account and the Portal Server server must be part of the Windows domain.

When using Integrated Windows Authentication, Microsoft Internet Explorer's default

behavior is that it will not prompt for an ID/password when the server is in the Local Intranet Zone. (By default, Internet Explorer assumes a URL without a period (.). This

means http://yourserver/ is in the Local Intranet Zone while http:// yourserver.yourcompany.com (or http://199.88.7.11)) is in the Internet Zone.

TTo use single-sign-on (and avoid username/password prompts), you must do one of the following:

Access the Portal Server server by the alphanumeric name (for example http://

yourserver/).

Access the Portal Server server by the IP address in which case you must also:

Add the Portal Server server to the Local Intranet Zone (Internet Options >

Security > Sites). This setting can be pushed company-wide by an administrator

using security policies.

Change Internet Explorer's default settings to allow Automatic Logon for non-

Intranet zones (Internet Options > Security Tab > Customize Level > User Authentication).

Note If using an LDAP directory other than Microsoft's Active Directory, VBrick strongly recommends using SSL to encrypt the communication between the Portal Server server and the LDAP directory. Please consult your LDAP vendor documentation for instructions on how to configure SSL.

ETV Portal Server Administrator Guide

39

Image 47
Contents VBrick EtherneTV Portal Server About VBrick Systems CopyrightContents Access Control Auto Content Ingestion Contents Font Conventions OrganizationPrinter-Friendly Related DocumentsDownloaded Components OverviewETV Portal Server MySQLDesktop Requirements Server RequirementsWindows PCs End User FeaturesEtherneTV-STB Set-Top Box Administrative FeaturesAdditional ETV Components EtherneTV Video-on-Demand ServerETV Live Portal Server Additional Portal Server ComponentsVBrick Encoders/Decoders ETV Network Video RecorderLive Portal Server User Interface Portal Server License FilesLicense File Description License Errors Administrator Options Administrator LoginOption Description Global Assignments Global SettingsFunction Description Only be done if advised by a VBrick technician or Network Custom Fields Customize Streams Add Link Add/Modify Video On-Demand Servers ServersAdd/Modify On-Demand Content Folders VBricks Select Add VBricks and click Submit To Configuration System Securit y IWS Server Port Set Top Boxes Advanced SettingsAdministration Recorders To add a Recorder configurationSelect Add Recorders and click Submit Script Devices Scripts Select Add Scripts and click Submit Add/Modify a URL for a Live Video Stream URLsURL VOD ContentNon-Video to Content PC Users Only Emergency Broadcast Administration VBrick Systems, Inc Administration Access Control Modify VOD ContentAdministration Required by ETV Portal Server. Case sensitive. Must begin Using Single Sign-On Installing the Root Certificate Using Ldap Servers with SSLClick Browse Resolving Other Security Alerts DiagnosticsStatus Logout HelpDefinitions Access ControlResources and Resource Groups AuthenticationAuthorization VBrick DatabaseAuthentication by PIN STB AuthenticationSetup and Configure the EtherneTV System Authentication by IP AddressChoose an Authentication Method Ldap Directory Server Create User Groups on the Portal ServerCreate Resource Groups on the Portal Server Assign Resources to Users or User Groups UsersCreate Users on the ETV Portal Server VBrick Systems, Inc Assigning Privileges to Users Add/Modify User InformationAdd/Modify Live Channel Privileges Allow Access to Specific VOD ServersAdd/Modify Users Group Assignments Add/Modify Users Resource Group AssignmentsAllow Content Recording Allow Access to Specific VOD ContentAllow Viewing by Content Type Allow Content PublishingUser Groups Add/Modify Groups Resource Assignments Add/Modify Group InformationAdd/Modify Groups User Assignments Resource Groups Add/Modify Users Resource Assignments Add/Modify Resource Group InformationVBrick Systems, Inc Generate a Certificate Request Configuring for SSLSubmit a Certificate Request Install the CertificateConfigure Resources for SSL VBrick Systems, Inc Auto Content Ingestion Removing Closed Captions To remove the closed captions track from MPEG-4 files VBrick Systems, Inc Index Index ETV Portal Server Administrator Guide Index Page VBrick Systems, Inc Beaumont Road Wallingford, Connecticut