Highlighted
Rodders1
2 Bronze

NMC Single-Sign-On

Jump to solution

All,

I am trying to implement single sign on for the NMC and thus far I have been unsuccessful in finding any documentation as to how this can be done and the livechat guys seem unable to provide me with any answers.

I currently hav eneabled LDAP authentication for users of a group in Active Directory and I would like to enable Single-Sign-On for them.

Is it possible? Is there any software needed.

Thanks in advance,

Cheers,

Rodders

0 Kudos
1 Solution

Accepted Solutions
sweller1
2 Iron

Re: NMC Single-Sign-On

Jump to solution

Hello Rodders,

I like the way you think, innovation! Smart badges are cool but we are not quite there yet and NetWorker has no ability right now to be able to take advantages of the technology.

As far a single sign on, as well the Management Console does not track the user that is currently logged into the system and allow those creds to be used, say like Exchange does when you log into your domain. It simply allows you, once you configured LDAP in NMC, to make any mods or cred changes in LDAP and those will get pushed up to NMC so you do not have to go change them yet a second time there. It is a step in the right direction but these types of security changes are slow to come. Basically it is due to the extreme sensitivity we in the data protection world have when comes to who we allow to see your data.

It may seem a bit conservative but better safe than sorry really. That's the business.

However, we are not averse to talking and introducing these types of new ideas so we will most certainly keep this in mind.

Cheers!

Steve

View solution in original post

0 Kudos
6 Replies
ecarter11
3 Argentium

Re: NMC Single-Sign-On

Jump to solution

Hi Rodders,

NetWorker 7.5 and higher supports the integration w/ LDAP.  You don't need any software other than NW server and NMC.  I attach here the section of the 7.6 Admin Guide that in the first few pages talks about this.  Maybe this can help get you started?  If this simply is not getting you there, let us know.

Regards

Eric

ecarter11
3 Argentium

Re: NMC Single-Sign-On

Jump to solution

Rodders - I just read the other thread you have on LDAP integration (https://community.emc.com/thread/109268) so I'm sure you've been through what I just provided in the last response and need deeper help.  The other discussion closed with you having LDAP integration working.  So in this case are you looking for Single Sign On in the sense that after a user logs in elsewhere they wouldn't be prompted by NMC for log in details?

Rodders1
2 Bronze

Re: NMC Single-Sign-On

Jump to solution

Hi Eric,

Yes, I do have the LDAP authentication working fine but now I am looking for a way that will enable the allowed users (ones in the AD group that I've set up for LDAP authentication) to be able to use NMC in SSO mode. Like you said, once the user is signed in else where they wouldn't be prompted for login in the NMC.

Regards,

Rodders

0 Kudos
Rodders1
2 Bronze

Re: NMC Single-Sign-On

Jump to solution

I don't know if you know what it is but we use Smartbadges for authentication onto the workstations and I was wondering if the NMC would be able to authenticate that same user as long as they have logged in onto their machine.

I have heard about softwares that enable SSO into applications from the AD and I was wondering if anyone knows any that do this

Thanks in Advance,

Rodders

.

0 Kudos
sweller1
2 Iron

Re: NMC Single-Sign-On

Jump to solution

Hello Rodders,

I like the way you think, innovation! Smart badges are cool but we are not quite there yet and NetWorker has no ability right now to be able to take advantages of the technology.

As far a single sign on, as well the Management Console does not track the user that is currently logged into the system and allow those creds to be used, say like Exchange does when you log into your domain. It simply allows you, once you configured LDAP in NMC, to make any mods or cred changes in LDAP and those will get pushed up to NMC so you do not have to go change them yet a second time there. It is a step in the right direction but these types of security changes are slow to come. Basically it is due to the extreme sensitivity we in the data protection world have when comes to who we allow to see your data.

It may seem a bit conservative but better safe than sorry really. That's the business.

However, we are not averse to talking and introducing these types of new ideas so we will most certainly keep this in mind.

Cheers!

Steve

View solution in original post

0 Kudos
Rodders1
2 Bronze

Re: NMC Single-Sign-On

Jump to solution

Hi Steve,

Thanks for the information. Indeed it is a shame that some possibilities haven't caught on yet but hopefully one day some folks will be able to make good use of such ideas.

I guess for now I will have to stick to LDAP authentication (so wanted something fancier )

Cheers,

Rodders.

0 Kudos