AVG Business Secure Sign On Active Directory Quick Start Guide

Academic year: 2021


The steps below will allow for download and registration of the AVG Business SSO Cloud Connector to integrate SaaS application access and mobile device management for Active Directory users.

 

Overview 

The Business SSO identity platform requires an identity repository for storing data about your organization’s users and mobile devices. You can use either or both of the following:

• Active Directory: The Business SSO identity platform securely connects with your existing Active Directory infrastructure through the Business SSO cloud connector to authenticate users when they log in to the web portals and enroll a device. The Business SSO identity platform does not replicate Active Directory accounts or attributes in the identity platform.

• Business SSO user service: The Business SSO identity platform includes this built-in identity repository. When you select this option, the Business SSO identity platform uses the Business SSO user service account to authenticate users and, if you are using the Business SSO identity platform for mobile device management, to store the enrolled device records.

When you use Active Directory, your users enter their Active Directory credentials to log in to the Business SSO user portal and enroll devices.

You can use both identity stores simultaneously, too. For example, even if you decide to use Active Directory as your primary identity store, the Business SSO user service can provide a convenient supplemental repository for the following types of users:

• Emergency administrators: If there is ever a network breakdown to the Active Directory domain controller, no one with just an Active Directory account can log in. However, if you create administrator accounts in Business SSO user service, these users can log in to Cloud Manager and the Business SSO user portal and launch web applications.

• Temporary users: If you have temporary users—for example, customers, contractors, and partners—who need to run your web applications, it may be easier and less risky to add them as Business SSO user service accounts rather than Active Directory accounts.

Using the Active Directory and Business SSO user service ID repositories

The Business SSO identity platform can use both Active Directory and Business SSO user service accounts to authenticate users. You must have the cloud connector installed to use Active Directory accounts.

When the identity platform receives an authentication request, it checks the ID repositories for the account name in the following order:

1. Business SSO user service by name
2. Active Directory user by user

In addition, the Business SSO identity platform uses the contact information in Active Directory or the cloud accounts to contact users when multifactor authentication is enabled for logging in to Cloud Manager and the Business SSO user portal and applications that are configured for strong authentication. If the contact information is wrong, the user is not able to log in.

 

 

 

 

Installing Business SSO cloud connectors and administrator consoles

 

This document explains how to use the Business SSO Cloud Management Suite installation wizard for the following purposes:

• To install a Business SSO cloud connector for authenticating identity platform users by using an Active Directory account

• To create administrator consoles for identity platform administrators. This lets you use Active Directory Users and Computers to manage identity platform users and enrolled devices and the Group Policy Management Editor to create group policy objects for mobile device policies.

You need to install these components only if you are using Active Directory accounts to authenticate identity platform users. (Active Directory user accounts and attributes are not replicated in the Business SSO identity platform.)

To install and configure a Business SSO cloud connector you need the following:

Item: Business SSO Cloud Management Suite installer

Description: This program installs the cloud connector, Active Directory and group policy console extensions, and the Business SSO Cloud Connector Configuration Program. To get the installer, open Cloud Manager, click Settings, click Cloud Connectors, and click Add cloud connector.

Repeat this procedure every time you install a cloud connector to ensure you get the latest version of the cloud connector.

Item: Host computer joined to the domain controller

Description: You install the Business SSO cloud connector on a Windows computer to establish the communications link between the Business SSO identity platform and the Active Directory domain controller.

If you are referencing accounts in an Active Directory tree or forest, the cloud connector can be joined to any domain controller in the tree (it does not need to be the root). In addition, that domain controller must have two-way, transitive trust relationships with the other domain controllers. Refer to the help section below on Supporting user authentication for multiple domains for the details. This computer must be in your internal network and meet or exceed the following requirements:

• Windows Server 2008 R2 or newer (64-bit only) with 8 GB of memory, of which 4 GB should be available for cloud connector cache functions.

• Has Internet access so that it can access the Business SSO identity platform.

• Has a Baltimore CyberTrust Root CA certificate installed in the Local Machine Trusted Certificate root authorities store.

• Microsoft .NET version 4.5 or later; if it isn’t already installed, the installer installs it for you.

• Be a server or server-like computer that is always running and accessible.

Item: User account with the proper Active Directory and identity platform permissions.

permissions to install the cloud connector for the details. To register the cloud connector in your identity platform account, you must be either a member of the sysadmin role or be a member of a role that has the Register Cloud Connectors permission.

Item: Web proxy server (optional)

Description: If your network is configured with a web proxy server that you want to use to connect to the Business SSO identity platform, you specify this server during the installation process. The web proxy server must support HTTP/1.1 chunked encoding.
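A preflight check for the host computer requirements listed above, as an added example rather than AVG tooling. The function names Test-ConnectorHostPrereqs and New-Check are hypothetical, the thresholds are taken from the requirements list, and the script assumes Windows PowerShell run locally on the candidate host; Internet reachability is not tested because this guide does not name the endpoint.

```powershell
# Added example, not AVG tooling. Function names are hypothetical.
function New-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    New-Object PSObject -Property @{ Check = $Name; Pass = $Pass; Detail = $Detail } |
        Select-Object Check, Pass, Detail
}

function Test-ConnectorHostPrereqs {
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $cs = Get-WmiObject -Class Win32_ComputerSystem

    # Windows Server 2008 R2 is NT 6.1; ProductType 1 means a workstation edition.
    $isServer = ([version]$os.Version -ge [version]'6.1') -and ($os.ProductType -ne 1)
    New-Check 'Windows Server 2008 R2 or newer' $isServer "$($os.Caption) ($($os.Version))"

    # OSArchitecture is a localized string, so match on the digits only.
    New-Check '64-bit operating system' ($os.OSArchitecture -match '64') $os.OSArchitecture

    # The host must be joined to the domain; a workgroup name shows up here otherwise.
    New-Check 'Joined to a domain' $cs.PartOfDomain $cs.Domain

    # TotalPhysicalMemory is in bytes and sits slightly below installed RAM, so round.
    $totalGB = [math]::Round($cs.TotalPhysicalMemory / 1GB)
    New-Check '8 GB of memory' ($totalGB -ge 8) "$totalGB GB installed"

    # FreePhysicalMemory is in KB; 4 GB should be available for the connector cache.
    $freeGB = [math]::Round(($os.FreePhysicalMemory * 1KB) / 1GB, 1)
    New-Check '4 GB available' ($freeGB -ge 4) "$freeGB GB free"

    # The root CA must be in the Local Machine trusted root store, not a user store.
    $cert = Get-ChildItem Cert:\LocalMachine\Root |
        Where-Object { $_.Subject -like '*CN=Baltimore CyberTrust Root*' } |
        Select-Object -First 1
    $certDetail = if ($cert) { "$($cert.Thumbprint), expires $($cert.NotAfter)" } else { 'not found' }
    New-Check 'Baltimore CyberTrust Root CA installed' ($null -ne $cert) $certDetail

    # Release 378389 is .NET Framework 4.5; the installer adds .NET if this fails.
    $ndp = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
    $release = if ($ndp) { [int]$ndp.Release } else { 0 }
    New-Check '.NET 4.5 or later' ($release -ge 378389) "Release key $release"
}

Test-ConnectorHostPrereqs | Format-Table -AutoSize -Wrap
```

Any row with Pass set to False identifies a requirement to resolve before running the installer; the certificate row also shows the expiry date so an out-of-date root can be spotted.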

Firewall settings 

You should configure your firewall to allow outbound traffic over the following ports:

Port numbers Resource

If your organization has outbound firewall rules that are based on IP address whitelisting, you need to add the Microsoft Windows Azure Service Bus service to the whitelist. Go to the following URL to get the most current list of IP addresses: www.microsoft.com/en-us/download/details.aspx?id=41653

Steps to set up Active Directory

  1. Log in to the AVG Business SSO Cloud Manager portal


  

 

 

Verify that Active Directory has been set up:

The final step before adding additional apps, roles or policies to the Cloud Manager should be to verify both Active Directory and cloud-based users can be invited and log in to the AVG Business SSO User portal. A successful login is required before users can access SaaS applications or enroll mobile devices.

To invite Active Directory users, click Users > Invite User. In the dialog box that opens, you will now see an additional Active Directory entry under ‘Source’. This will be checked by default. To invite users, start typing the name of the AD user and it will show up under the user list.

By default, all Active Directory users have login rights
