Prime Service Catalog 12.0 Integration Best Practices – LDAP and SAML Settings.


Overview

This guide details the prerequisite settings necessary to avoid certain issues that may arise when integrating Prime Service Catalog with UCS Director and/or Cloud Center. Configurations included are:

- Prime Service Catalog + UCS Director – both connected to same LDAP
- Prime Service Catalog connected to LDAP + UCS Director not connected to LDAP
- Prime Service Catalog + UCS Director connected to LDAP – Cloud Center integrated later
- Prime Service Catalog + Cloud Center + SAML + IDP
- Prime Service Catalog + Cloud Center + SAML + IDP – UCS Director integrated later

Prime Service Catalog + UCS Director – both connected to same LDAP

Issue: By default, UCS Director imports the user with the domain name appended to the login name (Example: user name cloudadmin is imported as cloudadmin@domain.com), and Prime Service Catalog imports the user without the @domain.com in the username. This results in duplicate user accounts being created in Prime Service Catalog and causes permission issues.

Solution: Ensure the following:

- When integrating UCS Director, do not check the Sync User with IaaS check box on the Configure Integration screen so users and groups are imported from UCS Director.
- Go to Administration module > Directories tab > Mappings and map the Login ID and Person Identification attributes to userPrincipalName.
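An added example, not part of the original presentation or of any Cisco tooling: a small audit that flags person records split between a bare login name and the same name with @domain appended, which is the mismatch described above. The login list is constructed sample data; how login IDs are exported from Prime Service Catalog, and the case-insensitive comparison of names, are assumptions.

```python
from collections import defaultdict

# Constructed sample: login IDs as they might appear in an export of
# person records (the export mechanism itself is an assumption).
SAMPLE_LOGINS = [
    "cloudadmin",             # imported without the domain suffix
    "cloudadmin@domain.com",  # same person, imported with the suffix
    "jdoe@domain.com",
    "asmith",
    "ops@other.example",      # different domain: must not be merged
    "ops",
]


def find_split_identities(login_ids, domains):
    """Return login names that exist both bare and with '@<domain>' appended.

    login_ids: iterable of login ID strings.
    domains:   LDAP domains whose suffix may have been appended on import.
    Names are compared case-insensitively (assumption).
    """
    known = {d.lower() for d in domains}
    bare = defaultdict(set)
    suffixed = defaultdict(set)
    for raw in login_ids:
        login = raw.strip()
        local, sep, domain = login.rpartition("@")
        if sep and local and domain.lower() in known:
            suffixed[local.lower()].add(login)
        elif login:
            # No suffix, or a suffix from a domain we were not asked about.
            bare[login.lower()].add(login)
    return {
        name: {"bare": sorted(bare[name]),
               "with_domain": sorted(suffixed[name])}
        for name in sorted(bare.keys() & suffixed.keys())
    }


if __name__ == "__main__":
    for name, forms in find_split_identities(SAMPLE_LOGINS, ["domain.com"]).items():
        print(f"{name}: {forms['bare']} vs {forms['with_domain']}")
```

An empty result after mapping Login ID and Person Identification to userPrincipalName indicates that no person exists under both forms of the name.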

Prime Service Catalog connected to LDAP + UCS Director not connected to LDAP

To enable Prime Service Catalog users to order UCS Director services, ensure the following:

- When integrating UCS Director, check the Sync User with IaaS check box on the Configure Integration screen so users and groups are not imported from UCS Director. Users are imported on login event from LDAP mapping.
- In Organizational Designer in Prime Service Catalog, define a group for each UCS Director group (Example: In Prime Service Catalog, if the Identifier is UCD on the Configure Integration screen, the group name should be UCSD::UCD::<Group name from UCSD>).
- Map all the users into one of the appropriate groups created.

Prime Service Catalog + UCS Director connected to LDAP – Cloud Center integrated later

Issue: Cloud Center does not support LDAP integration.

Solution: Ensure the following:

- Prime Service Catalog and UCS Director are integrated according to the prerequisites found earlier in this guide.
- In Prime Service Catalog, create a team or join a team by using Team Management so the users will be pushed to Cloud Center.
- If not creating or joining a team using Team Management, when ordering Cloud Center application profiles the system uses CliqrAdmin credentials.

Prime Service Catalog + Cloud Center + SAML + IDP

Issue: Prime Service Catalog and Cloud Center are both connected to the same SAML IDP.

Solution: Ensure the following:

- In Cloud Center, do not enable the Import Person on login event from IDP.
- In Prime Service Catalog, enable the Import Person on login event from IDP.
- In Prime Service Catalog, create a team or join a team by using Team Management so the users will be pushed to Cloud Center.
- If not creating or joining a team using Team Management, when ordering Cloud Center application profiles the system uses CliqrAdmin credentials.

Prime Service Catalog + Cloud Center + SAML + IDP – UCS Director integrated later

Issue: Integrating UCS Director with previously integrated Prime Service Catalog and Cloud Center connected to the same SAML IDP.

Solution: Ensure the following:

- In Cloud Center, do not enable the Import Person on login event from IDP.
- In Prime Service Catalog, enable the Import Person on login event from IDP.
- In Prime Service Catalog, create a team or join a team by using Team Management so the users will be pushed to Cloud Center.
- If not creating or joining a team using Team Management, when ordering Cloud Center application profiles the system uses CliqrAdmin credentials.
- When integrating UCS Director, do not check Sync User with IaaS on the Configure Integration screen so users and groups are not imported from UCS Director. Users are imported on login event from LDAP mapping.
- In Organizational Designer in Prime Service Catalog, define a group for each UCS Director group (Example: In Prime Service Catalog, if the Identifier is UCD on the Configure Integration screen, the group name should be UCSD::UCD::<Group name from UCSD>).
- Map all the users into one of the appropriate groups created.