12-22-2015 04:59 AM
Is there a way to disable Single Sign On working with Multi Grid Manager? We want to disable it to force the user to authenticate again at the Grids below the Multi Grid, something like a second layer of security...
Thanks in advance.
12-22-2015 12:55 PM
The Infoblox Support team informed me that the SSO feature cannot be disabled. But this "feature" can be made issuing a RFE (Request for Enhancement). I don't know precisely what is the process here and how much time it can take, but I'll report back to my local Infoblox sales team if needed.
Thanks in advance.
12-22-2015 03:14 PM
Are you sure about this? I seem to recall there's a user mapping feature and if you don't "validate" the user, SSO won't work to the downstream Grids.
To check this, click on your profile name on the top right of the GUI, and at the bottom there is a validate button next to "Grid Credentials". If you validate the Grid, then you can SSO to it. If you "Ignore", then you won't.
You can check status also under the Administration > Administrators > User Mapping tab of the MGM.
Let me know how you go.
12-22-2015 03:33 PM
Hi Jasper, thanks for replying.
I agree with you that this should work this way, but I tried not to inform credentials to the underlying grids. When I try to access a grid using an user account with non-validated (or ignored validation) credentials, all I got back is a blank screen (attached).The odd thing is that I receive an authentication token in the URL after clicking at the Grid link...
Anyway... everything works fine with mapped and validated user credentials.
And thanks again!
12-23-2015 02:07 PM
I get the same behaviour. If you ignore the user mapping I get a blank screen. If I accept/validate the user mapping, I get passed through to NIOS.
I'm not sure if it's by design to just get a blank screen with auth token, and thus I'm not entirely sure of the mechanics of how it denies user access, so you may have to ask support about this.
Either way, it achieves the objective for me.