Chapter 6 Authentication and Federated Identity

Concepts

Overview

User authentication features of DMS-Admin help you to:

NEW IN CISCO DMS 5.2.0 — Authenticate all user sessions. We now we prevent you from disabling mandatory authentication, even though we allowed this in Cisco DMS 5.1.x and prior releases.

Choose and configure an authentication method.

Import user account settings from an Active Directory server.

NEW IN CISCO DMS 5.2.1 — Synchronize user groups from an Active Directory server.

NEW IN CISCO DMS 5.2.3 — Use federation services with a SAML 2.0-compliant IdP to support SP-initiated “single sign-on” login authentication in your network (following an initial synchronization to a Microsoft Active Directory Server that populates the DMM user database).

Note We support your use of one — and only one — IdP server with Cisco DMS 5.2.3.

Glossary

Timesaver Go to terms that start with... [ A C D F I L O R S U X ].

A

Active Directory Microsoft implementation of LDAP. A central authentication server and user store.

Active Directory A domain-straddling combination of Active Directory trees within an organization that operates

forestmultiple Internet domains. Thus, the forest at “Amalgamated Example, LLC” might straddle all trees across example.com, example.net, and example.org.

Or, to use Cisco as a real-world case-study, one forest could straddle cisco.com and webex.com, among others.

Note

This Cisco DMS release does not support Active Directory forests.

Active Directory A subdomain-straddling combination of IdPs throughout one Internet domain. These IdPs operate

treecollectively on behalf of the Internet domain’s constituent subdomains. Thus, the “tree” at example.com might encompass all of the IdPs to authenticate user sessions within subdomains such as these:

legal.example.com

sales.example.com

support.example.com

User Guide for Cisco Digital Media Manager 5.2.x

6-2

OL-15762-03

 

 

Page 48
Image 48
Cisco Systems 5.2.x manual User authentication features of DMS-Admin help you to