6-32
User Guide for Cisco Digital Media Manager 5.2.x
OL-15762-03
Chapter 6 Authentication and Federated Identity
Reference
Last Configured IdP
While it names an IdP explicitly, this value does not necessarily identify the IdP in current use.
Instead, this value describes only your most recent attempt to import configuration metadata
from an IdP, without regard for whether the attempt failed or succeeded.
This element is visible only in federation mode. It becomes populated for the first time after
you attempt at least once to import IdP metadata.
Tip: Compare this value to the “Last Successfully Configured IdP” value. When they differ, you know that
your latest such attempt actually failed.
(SP Configuration File)
Export
Provides the means to export configuration metadata from DMM. Click Export to begin
browsing for a locally mounted drive and folder where you can save the exported config file.
Later, you will import this file into your IdP.
This element is visible only in federation mode.
Enable Authentication Test
Helps you to test whether your federation mode settings are correct and will allow SSO for your
ordinary users.
Check this check box to expose UI elements that are otherwise hidden. Clear this check box to
hide such elements.
Test Username
Enter a username that your IdP already knows. Do not use the superuser username. This
element is visible only while the Enable Authentication Test check box is checked.
Test User Password
Enter the password that corresponds to the test username. This element is visible only while
the Enable Authentication Test check box is checked.
LDAP Configuration Area
Anonymous
Enables or disables an anonymous connection between your DMM appliance and your
Active Directory server.
An anonymous connection is suitable when you want to see or use public information on
the Active Directory server.
In contrast, if you want to see or use privileged information on your Active Directory
server, the server will require you to enter login credentials to prove that you have
sufficient access rights.
In the latter case, your Active Directory server will reject any attempt to log in anonymously.
This check box is available to you only when you choose LDAP mode or federation mode.
Host
Enter the routable IP address or DNS-resolvable hostname for the Active Directory server. This
field is available to you only when you choose LDAP mode or federation mode.
Port
Enter the TCP port number that your Active Directory server uses for communications. This
field is available to you only after you choose LDAP mode or federation mode.
The Active Directory port number by default is:
389 for LDAP communications.
636 for LDAPS (Secure LDAP, or LDAP over SSL) and SSO communications.
Administrator DN
Enter the distinguished name of the Active Directory server administrator.
This field is available to you only after you choose LDAP mode or federation mode and
uncheck the Anonymous check box.
Tip: See administrator DN, page 6-3.
Table 6-1 Elements for the Authentication Mode (continued)
Element Description