Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence Release 8.0, 8.5, and 8.6
Single Sign On Configuration
Downloads: This chapterpdf (PDF - 174.0KB) The complete bookPDF (PDF - 1.17MB) | Feedback

Single Sign-On Configuration

Table Of Contents

Single Sign-On Configuration

Overview

Configuring the Single Sign-On Application


Single Sign-On Configuration


Overview

Configuring the Single Sign-On Application

Overview

The single sign-on (SSO) feature allows end users to log into Windows, then use the following Cisco Unified Presence applications without signing on again:

Cisco Unified Presence User Options

Cisco Unified Presence Administration

Real-Time Monitoring Tool (RTMT) Administration

Cisco Unified Operating System Administration

Cisco UP Client Profile Agent (Cisco Jabber) - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on.

Configuring the Single Sign-On Application

To configure SSO, select Cisco Unified OS Administration > Security > Single Sign On.

This application is split into three components:

Status

Server Settings

Select Applications

Status

A warning message displays indicating that the change in SSO settings causes Tomcat restart.

The following error messages may display when enabling the SSO application:

Invalid Open Access Manager (OpenAM) server URL—This error message displays when you give an invalid OpenAM server URL.

Invalid profile credentials—This error message displays when you give a wrong profile name or wrong profile password or both.

Security trust error—This error message displays when the OpenAM certificate has not been imported.

If you get any of the above error messages while enabling SSO, then the status changes to the above error.

Server Settings

The server settings are editable only when SSO is disabled for all applications.

Select Applications

You can enable or disable SSO on any of the following applications:

Cisco Unified Presence Administration - Enables SSO for Cisco Unified Presence Administration, Cisco Unified Serviceability, and Cisco Unified Reporting

Cisco Unified Presence User Options - Enables SSO for End User Options

Cisco Unified Operating System Administration - Enables SSO for Cisco Unified Operating System Administration and Disaster Recovery System

RTMT - Enables the web application for the Real-Time Monitoring Tool

Cisco UP Client Profile Agent - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on.

Use the following procedure:

Procedure


Step 1 Enter the following URL of the Open Access Manager (OpenAM) server:

https://opensso.sample.com:443/opensso

Step 2 Enter the relative path where the policy agent should be deployed. The relative path must be alphanumeric.

Step 3 Enter the name of the profile that is configured for this policy agent.

Step 4 Enter the password of the profile name.

Step 5 Enter the login Module instance name that is configured for Windows Desktop SSO.

Step 6 Select Save.

Step 7 In the Confirmation dialog box, click OK to restart Tomcat.


What To Do Next

Enable the SSO feature on the Cisco Unified Presence server by entering the utils sso enable command on the Command Line Interface. For more information, see the Command Line Interface Reference Guide for Cisco Unified Presence.