User information If you plan to use SASL authentication with the LDAP server, you do not need to specify the following fields: To enable TLS communication with the LDAP server, select this check box. If the connection to the first server fails, Remedy SSO will automatically redirect the request to another server. This will help to handle a situation when one of the servers is down, and the other server is up and running. If you have LDAP failover configuration, add several LDAP server hosts. To use SASL, enter the host name (not the domain name). The IP address or host name of the LDAP sever. The additional information can be used by an integrated application such as TrueSight Orchestration (formerly BMC Atrium Orchestrator) for administration and authorization. Remedy SSO supports providing additional information about LDAP users and groups. The client certificate is then used to create an SSL connection to the LDAP server. The mechanism gets the client certificate from the client (browser), and passes it to Remedy SSO server. For example, a mechanism such as External with SSL and client certificate establishes a strong bind. By using pluggable authentication, you can select an authentication mechanism that enables a strong bind. LDAP v3 also uses SASL for pluggable authentication. Data exchange supports authentication and establishes a security layer for communications.
In SASL, a challenge-response authentication protocol enables data exchange between the client and the server. Remedy SSO supports strong LDAP bind with Simple Authentication and Security Layer (SASL). You can also configure LDAP authentication for external administrators, see Configuring the Remedy SSO server for details. You can configure Remedy SSO server to authenticate end users through the Lightweight Directory Access Protocol (LDAP).
0 kommentar(er)
