6-21
UserGuide for Cisco Dig ital Media Manager 5.2.x
OL-15762-03
Chapter6 Authentication and Federated Identity
Procedures
The result varies according to the combination of your choices.
Understand Migration (from Embedded) to Either LDAP or SSONote • Before you migrate from embedded authentication mode to federation mode, you must install a digital certificate
from a trusted CA on your IdP server. Otherwise, you cannot migrate to federation mode at all.
•After you migrate from embedded authentication mode to either LDAP mode or federation mode, the locked property sheets
become unlocked. You must use them.
• Migration from one mode to another takes as long as 1 minute to finish.
Procedures
•Export the Root CA X.509 Certificate from Your Active Directory Server, page6-22
•Configure DMM to Trust the Active Directory Root CA, page6-22
•Choose an Authentication Method, page 6-23
•Configure LDAP Settings, page6-23
•Configure Federation Services for SSO, page 6-29
When You
Keep Local
Copies of
The Result
Users
Groups
Policies
Yes Yes Ye s
•We preserve all local information.
•We overwrite all LDAP-derived user account passwords with
CiscoDMMvp99999. 1
1. This security feature protects your network and user data. If anyone gains unauthorized access to the exported file and tries
to use it, Active Directory rejects the invalid passwords.
Yes No No
•We preserve all local user accounts. However, we overwrite all LDAP-derived
user account passwords with CiscoDMMvp99999.1
•We discard all LDAP-derived groups.
•We discard all LDAP-derived policies.
No Yes Yes
•We discard all LDAP-derived user accounts.
•We preserve all LDAP-derived groups. However, they are empty.
•We preserve all LDAP-derived policies. Although they no longer apply to anyone,
you can reuse them and apply them to any remaining user accounts and any future
user accounts as you see fit.
No No No •We discard all LDAP-derived users, groups, and policies.