Chapter 6 Authentication and Federated Identity

Reference

Federation Mode (SSO) FAQs

Q.NEW IN CISCO DMS 5.2.3 — Are there any special APIs to use federation mode?

A.No. We support one set of API calls that work identically across all supported authentication modes. See http://developer.cisco.com.

Q.NEW IN CISCO DMS 5.2.3 — Can I use one browser to connect simultaneously to more than one DMM appliance or more than one Show and Share appliance?

A.No. Each time that you connect to an additional instance, you are logged out of any prior instance in that browser. However, you can use multiple browsers together for this purpose.

Q.NEW IN CISCO DMS 5.2.3 — Why would user sessions time out for Show and Share or DMM users after a different interval than I set in DMM?

A.This can happen when session timeout values differ between your DMM appliance and your IdP. Reconfigure these servers to share one identical session timeout value.

Error Message FAQs

Q.Why does an error message state that an Active Directory password is not valid?

Explanation A “User must change password at next login” flag might be set on your Active Directory server. While this flag is set, the affected user cannot log in to any Cisco DMS component. DMS-Admin cannot change any password on your Active Directory server.

Recommended Action Use features that your Active Directory server provides for this purpose.

Q.Why does an error message state that filter validation has failed?

Explanation Filters fail when they point to empty containers. They also fail in response to filter expressions that includes any spaces.

Recommended Action Make sure on your Active Directory server that your filter did not refer to an empty organizational unit (OU) container. Confirm also that your filter expression does not contain even one space.

Q.NEW IN CISCO DMS 5.2.3 — Why would my API calls receive an HTTP 401 Unauthorized error? Recommended Action When you use federation mode, enable ECP on your IdP server.

Network Policy FAQs

Q.When I use LDAP authentication with Cisco DMS, which ports must remain open in my network?

A.Your DMM appliance accepts user authentication requests securely through port 443. DMM then passes these requests securely to your Active Directory server through port 389. Also, SSL uses port 636.

 

User Guide for Cisco Digital Media Manager 5.2.x

6-42

OL-15762-03

Page 88
Image 88
Cisco Systems 5.2.x manual Federation Mode SSO FAQs, Error Message FAQs, Network Policy FAQs