Mostly dublicate with Basic LDAP integration - SSO

NOTE: Ubisecure product names were unified in autumn 2011. All products which started with term "Ubilogin" were renamed to start with term "Ubisecure". In documentation this name change is implemented retroactively, i.e., the new naming practice is used also when referring to old software versions which started with term "Ubilogin" at the time of their release.

This documentation describes the Ubisecure Schema enhanced LDAP specific implementation alternative for the Ubisecure External Directory Integration feature. The main focus is on the installation and configuration of this alternative of the Ubisecure External Directory Integration feature.

This alternative can be used with Active Directories and other LDAP directories when schema changes can be made to them. In Ubisecure terminology, the chosen directory is also called the External Directory.

In this case the Ubisecure Authentication Server has a read/write LDAP or LDAPS connection with the external directory. The schema changes enable external directory password policies.


Figure 1. Ubisecure Schema Enhanced LDAP Integration architecture overview

Requirements

For successful integration, the following conditions should be met:

Ubisecure SSO Server is accessible with administrative privileges
Active Directory, AD LDS or LDAP is accessible (Typically port 389 or 636 for SSL)
Ubisecure Management installation directory is accessible

Browser not supported