![]() Support for the OpenAM application is available only from ForgeRock.Ĭonfiguration guidelines to enable the SSO feature to work with OpenAM are provided. (SSO) feature makes use of a third-party application from ForgeRock called Third-Party Software and System Requirements for Single Sign-On Troubleshooting Single Sign-On Single Sign-On You can perform these additional tasks that are not required to setup up Single Sign-On:ĭisable Single Sign-On Uninstall OpenAM on Windows Set Debug Level Related Information Cisco highly recommends that you enable SSO during a maintenance window. Import the OpenAM certificate into the tomcat-trust trust store for each IM and Presence Service node using SSO.Įnabling SSO affects service. Set the OpenAM session timeout to a value that is higher than the session timeout parameter setting for the IM and Presence Service node. ![]() You must configure an associated J2EE Agent Profile on the OpenAM server for the J2EEĪgent of each IM and Presence Service node using SSO. A single module instance can be shared by multiple IM and Presence Service nodes for SSO if the same Active Directory domain is used throughout the deployment.Ĭonfigure J2EE agent profile on OpenAM. Do not use the hostname of the node.Ĭonfigure SSO module instance. You must use the FQDN of the IM and Presence Service node to access the Cisco Unified CM IM and Presence Administration/User interface. You must follow the policy rules that are defined in the procedure. You access the OpenAM web-based administration interface using a web browser by Set up OpenAM using the GUI Configurator. Install the Apache Tomcat Web Container on the OpenAM Windows server. Do this for each IM and Presence Service node that is to use Single Sign-On. Import IM and Presence Service certificate into OpenAM. The procedure to install Java are different depending if you use self-signed or Certificate Authority NoteĪ Java keystore and the associated security certificates are required for secure connections to the OpenAM server, which runs See topics related to third-party software and system requirements for a listĬonfigure Microsoft Windows Registry for Real-Time Monitoring Tool (RTMT). NoteĮnsure the Windows Server 2008 supported tools are installed before proceeding.Ĭonfigure client browsers for Single Sign-On. Provision a new user account for the OpenAM server to be used for Single Sign-On on the Active Directory (AD) server. The following table lists the tasks to configure Single Sign-On. You complete each task outlined in this flow in the order indicated.įigure 1. The following figure provides the sequence of tasks that are required to successfully configure SSO.
0 Comments
Leave a Reply. |