8-9
User Guide for Cisco Digital Media Manager 5.4.x
OL-15762-05
Chapter 8 Authentication and Federated Identity
Concepts
Understand the Requirement to Authenticate Users
Cisco DMS always authenticates users. We support three authentication methods.
• Embedded authentication is completely native to Cisco DMS. It does not depend on any external servers.
• LDAP authentication causes Cisco DMS products to rely on one—and only one—Microsoft Active Directory server and a Microsoft Internet Information Server (IIS). Thus, setup and operation with this method are more complex than with embedded authentication.
• Federation mode, also known as single sign-on (SSO), causes Cisco DMS products to rely on a SAML 2.0-compliant IdP in combination with a Microsoft Active Directory server and IIS. Thus, setup and operation with this method are more complex than with LDAP authentication.
Note You must choose one of these methods. The method that you use determines which login screen your users will see.
Tip
• After a user session times out, we prompt the affected user to log in twice.
• Migration from one mode to another takes as long as 1 minute to finish (CSCtn22370).
• An unresponsive Active Directory server can hang a login prompt for 20 minutes without any error message.
Related Topics
• LDAP and Active Directory Concepts, page 8-10
• Federated Identity and Single Sign-on (SSO) Concepts, page 8-17
[Figure: login screens by authentication method. Panels: EMBEDDED MODE, LDAP MODE, FEDERATION (SSO) MODE. Panel label: IdP-specific login screen. See footnote 1.]
1. When any of your federation servers uses a self-signed certificate, we show your users two SSL warnings during login.