Cisco Unified Communications Operating System Administration Guide, Release 9.1(1)
Single Sign-On
Downloads: This chapterpdf (PDF - 1.15MB) The complete bookPDF (PDF - 3.24MB) | Feedback

Single Sign-On

Single Sign-On

Introduction

The Single Sign-On (SSO) feature allows end users to log in to Windows and use the following IM and Presence applications without having to sign on again:

  • Cisco Unified Communications Manager IM and Presence User Options

  • Cisco Unified Communications Manager IM and Presence Administration

  • Cisco Unified IM and Presence Serviceability

  • Cisco Unified IM and Presence Reporting

  • IM and Presence Disaster Recovery System

  • Real-Time Monitoring Tool (RTMT) Administration

  • Cisco Unified IM and Presence Operating System Administration

  • Cisco Client Profile Agent

Set Up Single Sign-On

To configure Single Sign-On (SSO), select Cisco Unified IM and Presence OS Administration > Security > Single Sign On.

The SSO feature is divided into three components:

  • Status

  • Server Settings

  • Select Applications

Status

A warning message displays indicating that the change in SSO settings causes Tomcat to restart.

The following error messages may display when enabling the SSO feature:

  • Invalid Open Access Manager (OpenAM) server URL - This error message displays when you give an invalid OpenAM server URL.

  • Invalid profile credentials - This error message displays when you give a wrong profile name or wrong profile password or both.

  • Security trust error - This error message displays when the OpenAM certificate has not been imported.


Note


If you get any of the above error messages while enabling SSO, the status changes to the related error.


Server Settings

The node settings are editable only when SSO is disabled for all applications.

Select Applications

You can enable or disable SSO on any of the following applications:

  • Cisco Unified Communications Manager IM and Presence Administration - Enables SSO for Cisco Unified Communications Manager IM and Presence Administration, Cisco Unified IM and Presence Serviceability, and Cisco Unified IM and Presence Reporting

  • Cisco Unified Communications Manager IM and Presence User Options - Enables SSO for End User Options

  • Cisco Unified IM and Presence Operating System Administration - Enables SSO for Cisco Unified IM and Presence Operating System Administration and IM and Presence Disaster Recovery System

  • Real-Time Monitoring Tool - Enables the web application for the Real-Time Monitoring Tool

  • Cisco Client Profile Agent - Enables SSO for the Cisco Client Profile Agent service. This option is only available to customers using Common Access Card (CAC) sign-on.

Procedure
    Step 1   Enter the following URL of the Open Access Manager (OpenAM) server:

    https://opensso.sample.com:443/opensso

    Step 2   Enter the relative path where the policy agent should be deployed. The relative path must be alphanumeric.
    Step 3   Enter the name of the profile that is configured for this policy agent.
    Step 4   Enter the password of the profile name.
    Step 5   Enter the login module instance name that is configured for Windows Desktop SSO.
    Step 6   Click Save.
    Step 7   In the Confirmation dialog box, click OK to restart Tomcat.