Reply
Highlighted

Single Sign-On - Multi Grid Manager

Expert
Posts: 81
3762     0

Hello!

 

Is there a way to disable Single Sign On working with Multi Grid Manager? We want to disable it to force the user to authenticate again at the Grids below the Multi Grid, something like a second layer of security...

 

Thanks in advance.

Paulo Costa

Re: Single Sign-On - Multi Grid Manager

Expert
Posts: 81
3763     0

Hi all!

 

The Infoblox Support team informed me that the SSO feature cannot be disabled. But this "feature" can be made issuing a RFE (Request for Enhancement). I don't know precisely what is the process here and how much time it can take, but I'll report back to my local Infoblox sales team if needed.

 

Thanks in advance.

Paulo Costa

Re: Single Sign-On - Multi Grid Manager

Adviser
Posts: 85
3763     0

 Hi Paulo, 

 

Are you sure about this? I seem to recall there's a user mapping feature and if you don't "validate" the user, SSO won't work to the downstream Grids.

 

To check this, click on your profile name on the top right of the GUI, and at the bottom there is a validate button next to "Grid Credentials". If you validate the Grid, then you can SSO to it. If you "Ignore", then you won't. 

 

You can check status also under the Administration > Administrators > User Mapping tab of the MGM.

 

Let me know how you go.

 

regards,

Jasper

 

 

Re: Single Sign-On - Multi Grid Manager

Expert
Posts: 81
3763     0

Hi Jasper, thanks for replying.

 

I agree with you that this should work this way, but I tried not to inform credentials to the underlying grids. When I try to access a grid using an user account with non-validated (or ignored validation) credentials, all I got back is a blank screen (attached).The odd thing is that I receive an authentication token in the URL after clicking at the Grid link...

 

Anyway... everything works fine with mapped and validated user credentials.

 

Any thoughts?
And thanks again!
Paulo Costa

Re: Single Sign-On - Multi Grid Manager

Adviser
Posts: 85
3763     0

I get the same behaviour. If you ignore the user mapping I get a blank screen. If I accept/validate the user mapping, I get passed through to NIOS.

 

I'm not sure if it's by design to just get a blank screen with auth token, and thus I'm not entirely sure of the mechanics of how it denies user access, so you may have to ask support about this.

 

Either way, it achieves the objective for me.

Showing results for 
Search instead for 
Do you mean 

Recommended for You

Demo: Infoblox IPAM plug-in integration with OpenStack Newton