Changes for page Einmalanmeldung

From version < 3.1 >
edited by gru
on 25.03.2019, 12:03
To version < 4.1 >
edited by sas
on 20.02.2020, 14:10
< >
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.gru
1 +XWiki.sas
Content
... ... @@ -1,22 +3,20 @@
1 -Da Kerberos und NTLM jetzt im Einmalanmeldemenü zusammen sind, muss diese Seite in deutsch und englisch neu erstellt werden. Der Inhalt der beiden alten Seiten befindet sich erstmal noch hier:
2 -
3 3  {{content/}}
4 4  
5 -{{figure image="FCSnapshot27.png"}}
6 -User interface for setting up LDAP authentication via NTLM
3 +{{figure image="single_sign_on_ntlm_en.png" width="600"}}
4 +User interface for setting up {{smallcaps}}Ldap{{/smallcaps}} authentication via {{smallcaps}}Ntlm{{/smallcaps}}. Available only if the license allows it.
7 7  {{/figure}}
8 8  
9 -NTLM (NT LAN Manager) can be used to authenticate users of a form.
7 +{{smallcaps}}Ntlm{{/smallcaps}} (NT LAN Manager) can be used to authenticate users of a form.
10 10  
11 -A common use case are forms used internally by some company, and that may be accessed only by the employees of that company. The user data of the active directory can be accessed via NTLM.
9 +A common use case are forms used internally by some company, and that may be accessed only by the employees of that company. The user data of the active directory can be accessed via {{smallcaps}}Ntlm{{/smallcaps}}.
12 12  
13 13  {{info}}
14 -NTLM may not be available depending on your license.
12 +{{smallcaps}}Ntlm{{/smallcaps}}may not be available depending on your license.
15 15  {{/info}}
16 16  
17 17  == Using NTLM ==
18 18  
19 -Activate this option to use NTLM.
17 +Activate this option to use {{smallcaps}}Ntlm{{/smallcaps}}.
20 20  
21 21  === Synchronize with {{fserver/}} ===
22 22  
... ... @@ -24,17 +24,17 @@
24 24  
25 25  === Domain controller host ===
26 26  
27 -The host (FQN) of the active directory controller used for authenticating users via NTLM and transmitting their data over LDAP.
25 +The host (FQN) of the active directory controller used for authenticating users via {{smallcaps}}Ntlm{{/smallcaps}} and transmitting their data over {{smallcaps}}Ldap{{/smallcaps}}.
28 28  
29 29  {{code}}
30 30  Example: domain.example.com
31 31  {{/code}}
32 32  
33 -Connection to the LDAP server for the LDAP search account has been established successfully
31 +Connection to the {{smallcaps}}Ldap{{/smallcaps}} server for the {{smallcaps}}Ldap{{/smallcaps}}search account has been established successfully
34 34  
35 35  == NTLM authentication ==
36 36  
37 -The following settings are required for enabling users to authenticate via NTLM.
35 +The following settings are required for enabling users to authenticate via {{smallcaps}}Ntlm{{/smallcaps}}.
38 38  
39 39  === Host name of the domain controller host ===
40 40  
... ... @@ -68,7 +68,7 @@
68 68  A computer account is recognizable by the '$' character in the domain name. e.g. example$@domain.de
69 69  {{/info}}
70 70  
71 -[[Help pages of //ca technologies// on creating a computer account for NTLM authentication on active directory server.>>url:https://wiki.ca.com/display/GATEWAY83/Creating+a+Computer+Account+for+NTLM+Authentication||rel="__blank" title="Creating a Computer Account for NTLM Authentication"]]
69 +Help pages of ca technologies on [[creating a computer account for NTLM authentication on active directory server.>>https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-3/policy-assertions/assertion-palette/access-control-assertions/require-ntlm-authentication-credentials-assertion/creating-a-computer-account-for-ntlm-authentication.html||rel="__blank" title="Creating a Computer Account for NTLM Authentication"]]
72 72  
73 73  === computer account password ===
74 74  
... ... @@ -76,15 +76,15 @@
76 76  
77 77  == LDAP user lookup ==
78 78  
79 -The following settings concern the user lookup after a successful NTLM authenication.
77 +The following settings concern the user lookup after a successful {{smallcaps}}Ntlm{{/smallcaps}} authenication.
80 80  
81 81  === Port ===
82 82  
83 -The port for connecting to the LDAP server for the user lookup.
81 +The port for connecting to the {{smallcaps}}Ldap{{/smallcaps}} server for the user lookup.
84 84  
85 85  === SSL encryption ===
86 86  
87 -Enables SSL encryption when communicating the the LDAP server.
85 +Enables SSL encryption when communicating the the {{smallcaps}}Ldap{{/smallcaps}} server.
88 88  
89 89  === Hop count ===
90 90  
... ... @@ -104,7 +104,7 @@
104 104  
105 105  === Base DN für user lookup ===
106 106  
107 -LDAP base DN used for looking up authenticated users.
105 +{{smallcaps}}Ldap{{/smallcaps}} base DN used for looking up authenticated users.
108 108  
109 109  {{code}}
110 110  Example: ou="users", dc="example", dc="de"
... ... @@ -114,7 +114,7 @@
114 114  
115 115  == Settings for Kerberos authentication ==
116 116  
117 -{{figure image="kerberos"}}
115 +{{figure image="single_sign_on_kerberos_en.png" width="600"}}
118 118  User interface for editing the settings for Kerberos authentication. Available only when the license includes this option.
119 119  {{/figure}}
120 120  
... ... @@ -128,7 +128,7 @@
128 128  
129 129  === Synchronize with frontend server ===
130 130  
131 -When activated, all changes to the configuration will be sent to all available {{fserver number="plural"/}}.
129 +When activated, all changes to the configuration will be sent to all available frontend servers.
132 132  
133 133  === Username ===
134 134  
... ... @@ -137,7 +137,7 @@
137 137  Normally this is the user account of the active directory that is setup as a service account.
138 138  
139 139  {{info}}
140 -When no //default_realm// has been specified in the section //[libdefaults]// of the file //krb5.conf//, you will need to enter the username with a domain (FQDN).
138 +When no //default_realm// has been specified in the section //[libdefaults]// of the file //krb5.conf//, you will need to enter the username with a domain (FQDN).
141 141  Example: user@EXCAMPLE.COM
142 142  {{/info}}
143 143  
... ... @@ -240,12 +240,12 @@
240 240  The name in the //login.conf// file for the server to be used, eg. {{code}}spnego-server{{/code}}.
241 241  
242 242  {{error}}
243 -When you keep getting a HTTP 400 error with Kerberos activated, the most likely cause is that the HTTP header size of the Kerberos ticket exceeds the default header size limit of the application server, eg. Tomcat of JBoss. See the help pages on [[changing the HTTP header size limit>>doc:Main.Beschraenkung der HTTP-Header-Groesse aendern]].
241 +When you keep getting a HTTP 400 error with Kerberos activated, the most likely cause is that the HTTP header size of the Kerberos ticket exceeds the default header size limit of the application server, eg. Tomcat of JBoss. See the help pages on [[changing the HTTP header size limit>>doc:Formcycle.SystemSettings.TomcatSettings.LimitHTTPHeader]].
244 244  {{/error}}
245 245  
246 246  == LDAP user search ==
247 247  
248 -The following settings are required to retrieve information about the authenticated user from an LDAP (MS active directory). This data is then available in the form and can be accessed by JavaScript code.
246 +The following settings are required to retrieve information about the authenticated user from an {{smallcaps}}Ldap{{/smallcaps}} (MS active directory). This data is then available in the form and can be accessed by JavaScript code.
249 249  
250 250  === Domain controller host ===
251 251  

Navigation

Copyright 2000-2024