8-8
UserGuide for Cisco Digital Media Manager5.4.x
OL-15762-05
Chapter8 Authentication and Federated Identity
Concepts
SP
service provider. Server that requests and receives information from an IdP. For example, your DMM
server is an SP for CiscoDMS.
SSO
single sign on. (And sometimes “single sign off.”) The main user-facing benefit of federation mode is
that SPs begin—and end, in some implementations —user sessions on behalf of their entire federation.
SSO is a convenience for users, who can log in only once per day as their work takes them between
multiple servers that are related but independent. Furthermore, SSO is a convenience to IT staff, who
spend less time on user support, password fatigue, compliance audits, and so on.
•We DO NOT support single sign off in CiscoDMS 5.3.
•We support only SP-initiated SSO in Cisco DMS 5.3.
UReturn to Top
user base
The location of the user subtree in the LDAP directory tree. For example,
DC=ad,DC=com
.
Note An LDAP expression must never include a space immediately to either side of a “=” sign. Similarly, it must
never include a space immediately to either side of an “objectClass” attribute. Otherwise, validation fails.
user base DN
The DN for an Active Directory user base.
Note An LDAP expression must never include a space immediately to either side of a “=” sign. Similarly, it must
never include a space immediately to either side of an “objectClass” attribute. Otherwise, validation fails.
user filter
A user filter limits the scope of an agreement to import filtered records from an ActiveDirectory
user base.
Note An LDAP expression must never include a space immediately to either side of a “=” sign. Similarly, it must
never include a space immediately to either side of an “objectClass” attribute. Nor can a group name include any spaces.
Otherwise, validation fails.
XReturn to Top
X-509
A standard for public key infrastructure. X.509 specifies, among other things, standard formats for
public key certificates and a certification path validation algorithm.