Install an SSO Server and smart card

This section describes how to:

  • Install a new SSO server, with or without smart card, into an existing CM installation.

  • Connect a CM server to an existing SSO server with or without smart card.

SSO and smart card limitations and requirements

  • The only smart card client reader supported is the Common Access Card (CAC), a United States Department of Defense (DoD) smart card issued as standard identification for logging in to DoD hosted software.

  • Smart card authentication is only supported on Linux and Solaris.

  • Installing or configuring an SSO server requires specific Light Directory Access Protocol (LDAP) parameters. For details, see SSO authentication prerequisites.

  • See the SSO and smart card prerequisites in Single sign-on prerequisites‌‌.

Install

  1. Run the server installer. Read and accept the license agreement.

  2. Select New Install and then Server.

  3. Select Install SSO Server or Configure to use an Existing one Only.

  4. Select an installation option:

    • Dimensions SSO

    • Dimensions SSO and Smart Cards

  5. Accept the directory where the server is installed or choose a different one.

  6. Enter the following information:

    • OS account name and password for the Dimensions CM system administrator. Default: dmsys

    • Host name of the Dimensions CM server.

    • Server port for http connections. Default: 8080

  7. Select an SSO server installation option:

    • New: Install a new SSO server.

    • Existing: Configure a connection to an existing SSO server, for example, Solutions Business Manager (SBM).

  8. To configure SSO and smart card:

    • Existing SSO server: Specify the SSO server’s host name and port. Optionally select a secure HTTPS connection.

    • New SSO server without smart card:

      To configure LDAP details for user credentials, enter parameters for Hostname, Port, Base DN, Search Filter, Bind User DN, and Password.

      Defaults:

      • Port: 389

      • Search Filter: (&(objectClass=user)(sAMAccountName={0}))

      For information about server SSO and smart card parameters, see Single sign-on prerequisites‌‌.

    • New SSO server with smart card:

      • To configure the LDAP connection for authenticating smart cards, enter parameters for Hostname, Port, Bind User DN, and Password.

        Default port: 389

      • To configure LDAP details for user credentials, enter parameters for Hostname, Port, Base DN, Search Filter, Bind User DN, and Password.

        Search Filter default: (&(objectClass=user)(sAMAccountName={0})).

        For information about server SSO and smart card parameters, see Single sign-on prerequisites‌‌.

  9. Review the settings and click Install.

    When installation is complete, click Finish.

  10. Manually configure the smart card trusted certificate authorities. For details, see Configure trusted certificate authorities.