Contents
v
User Guide for Cisco Digital Media Manager 5.4.x
OL-15762-05
Glossary
8-2
Understand the Requirement to Authenticate Users
8-9
Decide Which Authentication Method to Use
8-10
LDAP and Active Directory Concepts
8-10
LDAP is Highly Complex
8-11
Plan Ahead
8-11
Restrictions
8-11
Synchronization Concepts
8-11
LDAP Concepts
8-14
Password Concepts
8-16
Understand Authentication Property Sheets for LDAP
8-17
Federated Identity and Single Sign-on (SSO) Concepts
8-17
IdP Requirements
8-17
Configuration Workflow to Activate Federation (SSO) Mode
8-18
Authentication Scenarios for User Sessions in Federation (SSO) Mode
8-18
Migration Between Authentication Methods
8-20
Understand Migration (from Either LDAP or SSO) to Embedded
8-20
Understand Migration (from Embedded) to Either LDAP or SSO
8-21
Procedures
8-21
Export the Root CA X.509 Certificate from Your Active Directory Server
8-22
Configure DMM to Trust the Active Directory Root CA
8-22
Choose an Authentication Method
8-23
Configure LDAP (Active Directory) Settings
8-24
Define LDAP (ActiveDirectory) Filters
8-24
Import User Accounts that Match an LDAP (Active Directory) Fi lter
8-25
Resynchronize User Accounts that Match an LDAP (Active Directory) Filter
8-26
Sever All Existing Ties to a User Base or an LDAP (ActiveDirectory) Server
8-27
Define the LDAP (ActiveDirectory) Synchronization Schedule
8-28
Manage LDAP (ActiveDirectory) Attributes
8-29
Configure Automatic LDAP (Active Directory) Sync hronization
8-30
Derive User Group Membership Dynamically from an LDAP (Active Directory) Filter
8-31
Configure Federation Services for SSO
8-33
IdP Configuration Examples
8-33
Export SP Metadata from DMM
8-43
Import IdP Metadata into DMM
8-43
Bypass External Authentication During S uperuser Login, as Needed
8-45
Reference
8-45
Software UI and Field Reference Tables
8-45
Elements to Choose and Enable an Authentication Mode
8-46
Elements to Define, Validate, and Add LDAP Filters
8-48