cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
190
Views
0
Helpful
1
Replies
Beginner

Jabber with Multi-Forest/Domain and SSO

Hello,

 

We are planning a new deployment for a client with multiple forests and domains. I know that you can use LDS to combine the directories and allow users to login. If we were to implement SSO and the IdP was able to authenticate users in each domain, would we need to do LDS still? I know we would need to do the LDAP directory sync but I'm wondering if SSO would negate having to do the LDAP authentication in CUCM.

 

Thank you,

James

 

 

1 REPLY 1

Re: Jabber with Multi-Forest/Domain and SSO

SSO does not negate the LDAP sync - you still need to pull End Users in to the database.

The only officially supported way to support multi-forest on the same cluster is with MS LDS. The problem is that LDS is very poorly understood by most Microsoft admins. You may want to consider the viability of a cluster per-forest and rely on things such as ILS, EMCC, IM&P Inter-Cluster Peering, and CUC HTTPS Digital Networking instead.
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards