AppScaler SSO Active Directory Guide

Similar documents
Guide to Deploying NetScaler as an Active Directory Federation Services Proxy

VMware Identity Manager Administration

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP Access Policy Manager with IBM, Oracle, and Microsoft

Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Access Policy Manager v with Oracle Access Manager

Desktop LP - Connect Guide. Version 2.1 February 2016

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Access Policy Manager with Oracle Access Manager

Okta Integration Guide for Web Access Management with F5 BIG-IP

DIGIPASS Authentication for O2 Succendo

VMware AirWatch Integration with F5 Guide Enabling secure connections between mobile applications and your backend resources

Hands-on Lab Exercise Guide

CA Single Sign-On and LDAP/AD integration

ActivIdentity 4TRESS AAA Web Tokens and F5 BIG-IP Access Policy Manager. Integration Handbook

How to Configure Authentication and Access Control (AAA)

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

AD FS v3. Deployment Guide

Webthority can provide single sign-on to web applications using one of the following authentication methods:

Azure MFA Integration with NetScaler

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Authlogics Forefront TMG and UAG Agent Integration Guide

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Partner Information. Integration Overview Authentication Methods Supported

DoD Common Access Card Authentication. Feature Description

WebADM and OpenOTP are trademarks of RCDevs. All further trademarks are the property of their respective owners.

Citrix Federated Authentication Service Integration with APM

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0

Microsoft Dynamics GP Web Client Installation and Administration Guide For Service Pack 1

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

Identity Services Engine Guest Portal Local Web Authentication Configuration Example

FastPass Password Manager

Archived. For more information of IBM Maximo Asset Management system see:

SAP HANA Authorization (HA2)

F5 Azure Cloud Try User Guide. F5 Networks, Inc. Rev. September 2016

Microsoft Office Groove Server Groove Manager. Domain Administrator s Guide

vfire Officer App Server Installation Guide Version 1.3

FAQ. General Information: Online Support:

SPNEGO SINGLE SIGN-ON USING SECURE LOGIN SERVER X.509 CLIENT CERTIFICATES

DIGIPASS Authentication for NETASQ

NeoAccel NeoAccel Management Console: Gateway Gateway Administration version version 2.3

Content Matrix. Evaluation Guide. February 12,

Wireless LAN Controller Web Authentication Configuration Example

Entrust GetAccess 7.0 Technical Integration Brief for IBM WebSphere Portal 5.0

RSA Two Factor Authentication. Feature Description

Novell Identity Manager

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

TIBCO Spotfire Automation Services

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

Polycom ContentConnect Quick User Guide

Windows Server 2012 Immersion Experience Enabling Secure Remote Users with RemoteApp, DirectAccess, and Dynamic Access Control

esignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5

Barracuda Networks SSL VPN

DIGIPASS Authentication for Check Point VPN-1

Citrix Web Interface for Microsoft SharePoint Administrator s Guide. Citrix Access Suite 4.2

Server Installation Guide

Single Sign-On for PCF. User's Guide

RADIUS Authentication and Authorization Technical Note

TIBCO Spotfire Automation Services 7.5. User s Manual

Intel Unite Solution Version 4.0

Nimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

DIGIPASS Authentication to Citrix XenDesktop with endpoint protection

BIG-IP Access Policy Manager : Visual Policy Editor. Version 12.1

Azure Multi-Factor Authentication. Technical Note

Agility 2018 Hands-on Lab Guide. VDI the F5 Way. F5 Networks, Inc.

BIG-IP Access Policy Manager : Authentication and Single Sign-On. Version 13.1

NetScaler Radius Authentication. Integration Guide

EMC ApplicationXtender Web Access.NET eroom Integration 6.0

EAM Portal User's Guide

Outlook Web Access. Implementation Guide. (Version 5.4) Copyright 2012 Deepnet Security Limited

Configuring Request Authentication and Authorization

BIG-IP Access Policy Manager : Portal Access. Version 12.1

Realms and Identity Policies

How to Configure SSL VPN Portal for Forcepoint NGFW TECHNICAL DOCUMENT

Using ZENworks with Novell Service Desk

DIGIPASS Authentication for Cisco ASA 5500 Series

Central Authentication Service Integration 2.0 Administration Guide May 2014

Authorized Send Installation and Configuration Guide Version 3.5

Integrating IBM Security Privileged Identity Manager with ObserveIT Enterprise Session Recording

Security Provider Integration Kerberos Authentication

Operating Instructions (For User Authentication) Digital Colour Imaging Systems

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

Building Block Installation - Admins

SecurEnvoy Microsoft Server Agent

Oracle Access Manager Integration Oracle FLEXCUBE Payments Release [Feb] [2018]

SafeNet Authentication Service

USER GUIDE Summer 2015

USER MANUAL. SalesPort Salesforce Customer Portal for WordPress (Lightning Mode) TABLE OF CONTENTS. Version: 3.1.0

Oracle Utilities Opower Solution Extension Partner SSO

RSA Authentication Manager 7.1 Help Desk Administrator s Guide

maxecurity Product Suite

EMC SourceOne for Microsoft SharePoint Version 7.1

Configuring Claims-based Authentication for Microsoft Dynamics CRM Server. Last updated: May 2015

NETWRIX INACTIVE USER TRACKER

Security Provider Integration: Kerberos Server

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Remote Support 19.1 Web Rep Console

Cloud Link Configuration Guide. March 2014

STRS OHIO F5 Access Client Setup for ChromeBook Systems User Guide

Transcription:

Version: 1.0.3 Update: April 2018 XPoint Network

Notice To Users Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of XPoint Network. Copyright, Trademark Copyright 2017 XPoint Network. All rights reserved. All trademarks or trade names mentioned herein, if any, are the property of their respective owners. XPoint Network. reserves all ownership rights for the AppScaler product line including software and documentation. XPoint, the XPoint logo, AppScaler, and any other mark listed as a trademark in the Terms of Use portion of the XPoint Web site that is used herein are either registered trademarks or trademarks of XPoint Network. And/or its subsidiaries in the Hong Kong and/or other countries. Microsoft, Internet Explorer, Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Limitations This document is provided as is. XPoint Network has made efforts to ensure that the information presented herein are correct but make no explicit guarantee or warranty as to the accuracy of the information contained herein. XPoint Network claims no responsibility, implied or otherwise, to anyone wishing to act of follow the content of this document.

Table of Contents INTRODUCTION... 4 Target Audience... 4 Conventions used in this publication... 4 Prerequisites... 4 OVERVIEW... 5 ADD ONE ACTIVE DIRECTORY USER... 6 ADD ONE ACTIVE DIRECTORY BASED AAA SERVER... 9 ADD ONE SSO PROFILE FOR AAA SERVER... 11 ADD ONE ACCESS POLICY... 13 ADD ONE VIRTUAL SERVICE... 15 CONFIGURE SSO FOR VIRTUAL SERVICE... 17 SSO TESTING... 18 SSO LOGON REPORT... 19

Introduction This document describes the process for AppScaler SSO deployment based on Active Directory authentication. Add one Active Directory User Add one Active Directory based AAA Server Add one SSO Profile for AAA Server Add one Access Policy Add one virtual service Configure SSO for virtual service Target Audience This User Guide covers all aspects of AppScaler SSO deployment based on Active Directory authentication and is intended for both administrators and system integrators. Conventions used in this publication This publication uses various conventions to present information. Words that require special treatment appear in specific fonts or font styles. Prerequisites The following are required to configure AppScaler SSO deployment based on Active Directory authentication. Windows Active Directory installed Active Directory Domain configured correctly FQDN of virtual service configured correctly

Overview AppScaler provides centralized and flexible application access authentication to consolidate identity access management infrastructure and realize enhanced security at a reduced operational cost. AppScaler leverages both advanced client authentication and access management, combined with the programmability of Post Form, it can offload authentication processing from business applications to make for a simpler, more flexible and secure environment. Providing SSO across applications deployed on heterogeneous platforms requires standardization on a common identity and access management framework, AppScaler supports a wide range of authentication protocols including LDAP, Radius, RAS SecurID, Kerberos, and NTLM. This document outlines the processes to provide pre-authentication against Active Directory authentication schema. When user accesses SSO enabled virtual service, the login form will display for user to enter credentials. AppScaler will pass the credentials to active directory for authentication. If not authenticated, user cannot access virtual service. If authenticated, user session will be stored and can access all the virtual services with the same SSO profile.

Add one Active Directory User The user of active directory needs to be added, and we use the credentials to do the AD authentication testing. To add one active directory user: Click Start->Administrative Tools->Active Directory Users and Computers Go to user section Input user details and click Next

Input the password and click Next Click Finish

Add one Active Directory based AAA Server To add one Active Directory based AAA Server: Login WebUI navigate to SLB -> Profiles Click Manage for Access Policy In AAA Server tab, click Add In the Add AAA Server page, enter the following Click Save

Settings Type Name IP Address:Port Account Name Account Password Notes Description The type for this AAA Server, including: LDAP Radius SecurID Kerberos The name of this AAA Server The IP Address and Port of this AAA Server The user name for this AAA Server authentication The password for this AAA Server authentication The notes for this AAA Server The AAA Server will be shown

Add one SSO Profile for AAA Server To add one SSO Profile for AAA Server: Login webui navigate to SLB -> Profiles Click Manage for Access Policy In SSO Profile tab, click Add In the Add SSO Profile page, enter the following Click Save Settings Name SSO Ident Root domain Notes Type AAA Server Session Timeout Login Format Description The name of this SSO Profile The SSO Ident for this SSO Profile The root domain for this SSO Profile The notes for this AAA Server Either Single Authentication or Dual Authentication Choose the AAA Server for this SSO Profile The session time out for this SSO Profile The login format for this SSO Profile

Max Login Tries Lockout Timeout The max login attempts The locked time for failed login The SSO Profile will be shown

Add one Access Policy To add one Access Policy: Login webui navigate to SLB -> Profiles Click Manage for Access Policy In Access Policy tab, click Add In the Add Access Policy page, enter the following Click Save Settings Name Notes SSO Profile Type SSO Profile SSO Method Description The name of this Access Policy The notes for this access policy Either SSO Profile or SSO Profile Group Choose one SSO Profile The SSO Method for this access policy, including: Client Initiated HTTP Form Client Initiated HTTP Form + RS HTTP Basic Auth Client Initiated HTTP Form + RS HTTP Form Client Initiated HTTP Form + RS Kerberos Client HTTP NTLM Auth

Login Form Enable Password Logout URL Password Reset URL Login Session/Cookie SSO Log Level Client HTTP NTLM Auth + RS Kerberos Client HTTP Basic Auth Client Auth Pass Through Choose one login form Enable or disable password field in login form The logout url string The password reset url string The login cache option The option for SSL Log The Access Policy will be shown

Add one virtual service To add one virtual service: Login webui Navigate to SLB -> Virtual Server and check Add button We set up one HTTP based virtual server, please note that you need to choose HTTP in Service Type dropdown list Click Save and the new Virtual Server will display We add new real server to this virtual server, Click icon in Action column In the Real Server tab, click Add Add the real server

Click Save and you can add more real servers for this virtual server

Configure SSO for virtual service To configure SSO for virtual service: Login WebUI with account admin/password Navigate to SLB -> Virtual Server Go to the row of the virtual server, Click icon in Action column Click Edit button besides Single Sign On in General Properties tab In Edit Single Sign On Configuration page, choose one access policy Click Save Settings Access Policy VS FQDN Start URI WhiteList URI Description Set the Access Policy for this virtual server. If No SSO selected, the Single Sign On is disabled. The FDQN for this virtual server. The access URI for this virtual server The URI will not be subjected to Single Sign On

SSO Testing To test the SSO for the virtual service: Open your browser and access FQDN of the virtual server, in this example, its http://abc.test.com The login form will pop up Input the username and password and click Login button If authenticated, it will be redirected to the virtual service

SSO Logon Report To access SSO logon report: navigate to Log & Report -> SSO Report Choose the SSO Profile and click View

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback