Expand my Community achievements bar.

SOLVED

SSO Implementation

Avatar

Level 2
Level 2
5/12/17 12:45:36 AM

We are looking at implementing SSO for AEM instance (IdP will use LDAP AD).

A couple of questions that I have,

1. Do we first have to manually create the user(s) in AEM (with same userid as in AD)?

2. Do we also have to first create the groups and add member appropriately to ensure permissible access to the repository?

Otherwise is there an alternate way to have the users and groups created automatically by pulling in data from AD?

Views

1.5K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 3
Level 3
5/12/17 8:08:35 AM

Please find the answers to your questions inline:

1. Do we first have to manually create the user(s) in AEM (with same userid as in AD)? Yes, users need to be present in AEM for SSO to work

2. Do we also have to first create the groups and add member appropriately to ensure permissible access to the repository? Yes, user need to have all the ACL's defined

Otherwise is there an alternate way to have the users and groups created automatically by pulling in data from AD? Yes, you can import users from LDAP. You can sync a userlist using CURL[1]

Also I have attached a document that I created a while back. The steps were done using Apache.

 

[1] https://helpx.adobe.com/experience-manager/kb/how-to-synchronize-user-with-ldap.html

View solution in original post

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Level 10
Level 10
5/12/17 5:39:45 AM

Here is the AEM docs on SSO - i hope this can help you: 

https://docs.adobe.com/docs/en/aem/6-2/deploy/configuring/single-sign-on.html

Views

997

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
5/12/17 5:41:23 AM

Also - here is a related GEMS session that may help too: 

https://docs.adobe.com/ddc/en/gems/saml-and-aem.html

Views

997

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 3
Level 3
5/12/17 8:08:35 AM

Please find the answers to your questions inline:

1. Do we first have to manually create the user(s) in AEM (with same userid as in AD)? Yes, users need to be present in AEM for SSO to work

2. Do we also have to first create the groups and add member appropriately to ensure permissible access to the repository? Yes, user need to have all the ACL's defined

Otherwise is there an alternate way to have the users and groups created automatically by pulling in data from AD? Yes, you can import users from LDAP. You can sync a userlist using CURL[1]

Also I have attached a document that I created a while back. The steps were done using Apache.

 

[1] https://helpx.adobe.com/experience-manager/kb/how-to-synchronize-user-with-ldap.html

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Custom Translation Plugin Configuration: How to implement a form as Microsoft Translation Solved

Views

175

Likes

0

Replies

1
AEM Taxonomy Implementation Solved

Views

277

Likes

0

Replies

5
AEMaaCS DAM Implementation Solved

Views

208

Likes

0

Replies

1
Implementing S3 store for AEM datastore Solved

Views

311

Likes

0

Replies

3
AEM Traditional, Headless and Hybrid Implementation Solved

Views

396

Likes

0

Replies

7