User Guide for Cisco Digital Media Manager 5.4.x
OL-15762-05
Chapter 8 Authentication and Federated Identity
Reference
Test User Password Enter the password that corresponds to the test username. This element is visible only while
the Enable Authentication Test check box is checked.
LDAP Configuration Area
Anonymous Enables or disables an anonymous connection between your DMM appliance and your
Active Directory server.
• An anonymous connection is suitable when you want to see or use public information on
the Active Directory server.
• In contrast, when you want to see or use privileged information on your Active Directory
server, the server will require you to enter login credentials to prove that you have
sufficient access rights.
In the latter case, your Active Directory server will reject any attempt to log in anonymously.
This check box is available to you only when you choose LDAP mode or federation mode.
Host Enter the routable IP address or DNS-resolvable hostname for the Active Directory server. This
field is available to you only when you choose LDAP mode or federation mode.
Port Enter the TCP port number that your Active Directory server uses for communications. This
field is available to you only after you choose LDAP mode or federation mode.
The default Active Directory port number is:
• 389 for LDAP communications.
• 636 for LDAPS (Secure LDAP, or LDAP over SSL) and SSO communications.
Administrator DN Enter the distinguished name of the Active Directory server administrator.
This field is available to you only after you choose LDAP mode or federation mode and
uncheck the Anonymous check box.
Tip See administrator DN, page 8-3.
Password Enter the password that is associated with the Administrator DN.
This field is available to you only after you choose LDAP mode or federation mode and
uncheck the Anonymous check box.
Use SSL Encryption The check box that enables or disables encrypted sign-on. This check box is
available to you only when you use LDAP mode or federation mode.
• Check the check box to enable encryption.
• Uncheck it to disable encryption.
Enabling SSL causes the connections between your DMM appliance and your Active Directory
server to use LDAPS. An LDAPS connection is suitable when you want to prevent untrusted
third parties from reading credentials that the servers exchange.
Note Whenever you enable SSL or install a new SSL certificate for LDAP, you must restart Web Services
(Tomcat) from AAI. Otherwise, LDAP users cannot log in and the new (or newly enabled) SSL certificate
cannot take effect. Also, if your DMM server is one half of a failover pair, the Tomcat restart will trigger
immediate failover. (CSCtl09696)
Active Directory Certificate File Lets you upload the digital certificate that your Active Directory
server uses for LDAPS communications. This field is available to you only while the Use SSL
Encryption check box is checked.
Table 8-1 Elements for Authentication Modes (continued)
Element Description
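As an added example (not part of the Cisco guide or of the DMM software), the following Python function audits one set of the LDAP Configuration fields described above and reports settings that conflict with the table's rules, such as a credentialed bind without SSL or a port that belongs to the other mode. The dictionary keys, host name, DN, and certificate file name are hypothetical, and treating a missing certificate file as a finding is an assumption.

```python
# Added example: audits DMM-style LDAP settings. The dict keys are assumed
# names mirroring the page's form fields, not identifiers from Cisco DMM.
DEFAULT_PORTS = {False: 389, True: 636}  # keyed by "Use SSL Encryption"

def audit_ldap_settings(cfg):
    """Return a list of findings for one LDAP Configuration form."""
    findings = []
    anonymous = cfg.get("anonymous", False)
    use_ssl = cfg.get("use_ssl", False)
    port = cfg.get("port")

    if not cfg.get("host"):
        findings.append("host: missing IP address or hostname")
    if not anonymous:
        # Administrator DN and Password apply only when Anonymous is unchecked.
        if not cfg.get("admin_dn"):
            findings.append("admin_dn: required when Anonymous is unchecked")
        if not cfg.get("password"):
            findings.append("password: required when Anonymous is unchecked")
        if not use_ssl:
            findings.append("use_ssl: bind credentials cross the network unencrypted")
    if use_ssl and not cfg.get("certificate_file"):
        # Assumption: an enabled LDAPS connection should have a certificate uploaded.
        findings.append("certificate_file: no Active Directory certificate uploaded for LDAPS")
    if port != DEFAULT_PORTS[use_ssl]:
        if port == DEFAULT_PORTS[not use_ssl]:
            findings.append(f"port: {port} is the default for the other mode "
                            f"(expected {DEFAULT_PORTS[use_ssl]})")
        elif not (isinstance(port, int) and 1 <= port <= 65535):
            findings.append("port: not a valid TCP port")
    return findings

# Constructed sample settings (hypothetical host, DN, and file name).
WEAK = {"anonymous": False, "host": "ad.example.test", "port": 636,
        "admin_dn": "CN=Administrator,CN=Users,DC=example,DC=test",
        "password": "constructed-secret", "use_ssl": False}
HARDENED = dict(WEAK, use_ssl=True, certificate_file="ad-ldaps.cer")

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ldap_settings(cfg) or "no findings")
```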