LMS 2.6 Single Sign On

Unanswered Question
Sep 14th, 2007

I am getting ready to move LMS 2.6 to single sign on using our Active Directory environment. I was just curious as to what the best practices are as well as the easiest way to do this.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Are you using SSS (Single Sever Solution) or multiple servers ? SSO with in the context of LMS refers only to multiple server deployments with a master and one or more slave LMS servers.

Which platform (Winderz or Solaris) ?

You do realize that you will also need to maintain local "stub" accounts for each user that defines thier role, no permissions can be assigned in AD for Ciscoworks.

Joe Clarke Fri, 09/14/2007 - 09:40

The leading practice for SSO is to use it in conjunction with ACS. That is, have two or more replicating ACS servers that use AD as their backing authentication source. Then, integrate your SSO LMS servers with your ACS cluster.

This way, your users and roles are centralized and replicated. You will not have to configure any local users in your LMS servers.

craighuff Fri, 09/14/2007 - 09:52

Is there a good document on this? We currently use ACS for all our Access Points so this should not be an issue.


Joe Clarke Fri, 09/14/2007 - 10:22

I discussed this at Networkers a few years ago, but I'm not sure it published on any customer-facing documents. That said, there's nothing tricky about this configuration. It's just the sum of ACS integration and Single Sign On.


This Discussion