LMS 2.6 Single Sign On

Unanswered Question
Sep 14th, 2007
User Badges:

I am getting ready to move LMS 2.6 to single sign on using our Active Directory environment. I was just curious as to what the best practices are as well as the easiest way to do this.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Are you using SSS (Single Sever Solution) or multiple servers ? SSO with in the context of LMS refers only to multiple server deployments with a master and one or more slave LMS servers.


Which platform (Winderz or Solaris) ?


You do realize that you will also need to maintain local "stub" accounts for each user that defines thier role, no permissions can be assigned in AD for Ciscoworks.


Joe Clarke Fri, 09/14/2007 - 09:40
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

The leading practice for SSO is to use it in conjunction with ACS. That is, have two or more replicating ACS servers that use AD as their backing authentication source. Then, integrate your SSO LMS servers with your ACS cluster.


This way, your users and roles are centralized and replicated. You will not have to configure any local users in your LMS servers.

craighuff Fri, 09/14/2007 - 09:52
User Badges:

Is there a good document on this? We currently use ACS for all our Access Points so this should not be an issue.


Thanks


Joe Clarke Fri, 09/14/2007 - 10:22
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

I discussed this at Networkers a few years ago, but I'm not sure it published on any customer-facing documents. That said, there's nothing tricky about this configuration. It's just the sum of ACS integration and Single Sign On.

Actions

This Discussion