Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence Release 8.0, 8.5, and 8.6 - Single Sign On Configuration [Cisco Unified Presence]

Table Of Contents

Single Sign-On Configuration

Overview

Configuring the Single Sign-On Application

Single Sign-On Configuration

•Overview

•Configuring the Single Sign-On Application

Overview

The single sign-on (SSO) feature allows end users to log into Windows, then use the following Cisco Unified Presence applications without signing on again:

•Cisco Unified Presence User Options

•Cisco Unified Presence Administration

•Real-Time Monitoring Tool (RTMT) Administration

•Cisco Unified Operating System Administration

•Cisco UP Client Profile Agent (Cisco Jabber) - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on.

Configuring the Single Sign-On Application

To configure SSO, select Cisco Unified OS Administration > Security > Single Sign On.

This application is split into three components:

•Status

•Server Settings

•Select Applications

Status

A warning message displays indicating that the change in SSO settings causes Tomcat restart.

The following error messages may display when enabling the SSO application:

•Invalid Open Access Manager (OpenAM) server URL—This error message displays when you give an invalid OpenAM server URL.

•Invalid profile credentials—This error message displays when you give a wrong profile name or wrong profile password or both.

•Security trust error—This error message displays when the OpenAM certificate has not been imported.

•If you get any of the above error messages while enabling SSO, then the status changes to the above error.

Server Settings

The server settings are editable only when SSO is disabled for all applications.

Select Applications

You can enable or disable SSO on any of the following applications:

•Cisco Unified Presence Administration - Enables SSO for Cisco Unified Presence Administration, Cisco Unified Serviceability, and Cisco Unified Reporting

•Cisco Unified Presence User Options - Enables SSO for End User Options

•Cisco Unified Operating System Administration - Enables SSO for Cisco Unified Operating System Administration and Disaster Recovery System

•RTMT - Enables the web application for the Real-Time Monitoring Tool

•Cisco UP Client Profile Agent - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on.

Use the following procedure:

Procedure

Step 1 Enter the following URL of the Open Access Manager (OpenAM) server:

https://opensso.sample.com:443/opensso

Step 2 Enter the relative path where the policy agent should be deployed. The relative path must be alphanumeric.

Step 3 Enter the name of the profile that is configured for this policy agent.

Step 4 Enter the password of the profile name.

Step 5 Enter the login Module instance name that is configured for Windows Desktop SSO.

Step 6 Select Save.

Step 7 In the Confirmation dialog box, click OK to restart Tomcat.

What To Do Next

Enable the SSO feature on the Cisco Unified Presence server by entering the utils sso enable command on the Command Line Interface. For more information, see the Command Line Interface Reference Guide for Cisco Unified Presence.

	Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence Release 8.0, 8.5, and 8.6
	Single Sign On Configuration
Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence Release 8.0, 8.5, and 8.6 Getting Started with Cisco Unified Operating System Administration Changing Settings in Cisco Unified Operating System Shutting Down and Restarting the Cisco Unified Operating System Securing the Cisco Unified Operating System Managing Security Certificates in Cisco Unified Operating System Single Sign On Configuration Upgrading Software in Cisco Unified Operating System Using Cisco Unified Operating System Utilities Viewing the Status of Components in the Cisco Unified Operating System	Download this chapter Single Sign On Configuration Download the complete book Operating System Maintenance Guide (PDF - 480 KB) Feedback Table Of Contents Single Sign-On Configuration Overview Configuring the Single Sign-On Application Single Sign-On Configuration •Overview •Configuring the Single Sign-On Application Overview The single sign-on (SSO) feature allows end users to log into Windows, then use the following Cisco Unified Presence applications without signing on again: •Cisco Unified Presence User Options •Cisco Unified Presence Administration •Real-Time Monitoring Tool (RTMT) Administration •Cisco Unified Operating System Administration •Cisco UP Client Profile Agent (Cisco Jabber) - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on. Configuring the Single Sign-On Application To configure SSO, select Cisco Unified OS Administration > Security > Single Sign On. This application is split into three components: •Status •Server Settings •Select Applications Status A warning message displays indicating that the change in SSO settings causes Tomcat restart. The following error messages may display when enabling the SSO application: •Invalid Open Access Manager (OpenAM) server URL—This error message displays when you give an invalid OpenAM server URL. •Invalid profile credentials—This error message displays when you give a wrong profile name or wrong profile password or both. •Security trust error—This error message displays when the OpenAM certificate has not been imported. •If you get any of the above error messages while enabling SSO, then the status changes to the above error. Server Settings The server settings are editable only when SSO is disabled for all applications. Select Applications You can enable or disable SSO on any of the following applications: •Cisco Unified Presence Administration - Enables SSO for Cisco Unified Presence Administration, Cisco Unified Serviceability, and Cisco Unified Reporting •Cisco Unified Presence User Options - Enables SSO for End User Options •Cisco Unified Operating System Administration - Enables SSO for Cisco Unified Operating System Administration and Disaster Recovery System •RTMT - Enables the web application for the Real-Time Monitoring Tool •Cisco UP Client Profile Agent - This option is only available in Cisco Unified Presence Release 8.6(5) and later and is only applicable to customers using Common Access Card (CAC) sign-on. Use the following procedure: Procedure Step 1 Enter the following URL of the Open Access Manager (OpenAM) server: https://opensso.sample.com:443/opensso Step 2 Enter the relative path where the policy agent should be deployed. The relative path must be alphanumeric. Step 3 Enter the name of the profile that is configured for this policy agent. Step 4 Enter the password of the profile name. Step 5 Enter the login Module instance name that is configured for Windows Desktop SSO. Step 6 Select Save. Step 7 In the Confirmation dialog box, click OK to restart Tomcat. What To Do Next Enable the SSO feature on the Cisco Unified Presence server by entering the utils sso enable command on the Command Line Interface. For more information, see the Command Line Interface Reference Guide for Cisco Unified Presence.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks