6-9
UserGuide for Cisco Dig ital Media Manager 5.2.x
OL-15762-03
Chapter6 Authentication and Federated Identity
Concepts
Understand the Requirement to Authenticate UsersAlthough Cisco DMS always authenticates users, we support three authentication methods.
•Embedded authentication is completely native to CiscoDMS. It d oes not depend on any
external servers.
•LDAP authentication causes Cisco DMS products to rely on one— and only one—Microsoft
Active Directory server and a Microsoft Internet Information Server (IIS). Thus, setup and
operation with this method are more complex than with embedded authentication.
•NEW IN CISCODMS 5.2.3—Federation mode —also known as single sign-on ( SSO) causes Cisco DMS
products to rely on a SAML 2.0-compliant IdP in combination with a Microsoft Active Directory
server and IIS. Thus, setup and operation with this method are more complex than with LDAP
authentication.
Note You must choose one of these methods. The method that you use determines which login screen your users will see.
Tip • After a user session times out, we prompt the affected user to log in twice.
• An unresponsive ActiveD irectory server can hang a login prompt for 20 minutes without any error message.
Related Topics
•LDAP and Active Directory Concepts, page6-10
•Federated Identity and Single Sign-on (SSO) Concepts, page 6-17
EMBEDDED MODE LDAP MODE FEDERATION (SSO) MODE1
1. When any of your federation servers uses a self-signed certificate, we show your users two SSL warnings during login.
IdP-specific login screen
(NEW IN CISCO DMS 5.2.3)