I'm just starting playing around with CIAC.
In our lab CIAC, i've just enabled directory integration and am now occasionally seeing errors in CPO process trying to connect back to CCP with following error messages: Login failed for user Admin.
I believe this due to the portal trying to authenticate the user admin against AD whilst this is a local CCP user.
Has anyone else seen this behaviour?
What can I do to solve this?
This is by design as the user authenticating against AD needs to be in AD. It is documented in the Appendix A of 3.1.1 Config Guide and specifically states:
A user account (any username) with “Read MemberOf” permissions that will be used for performing authentication, directory searches, and user imports into the cloud portal. A user account (any username) with “Read MemberOf” permissions that will be used for performing authentication, directory searches, and user imports into the cloud portal.
Take a look at the "Administrative Bypass of SSO" session in the Integration Guide document (page 1-11). It describes a way to bypass SSO in emergency cases.
I am working on an SSO related task, and the document you've pointed to might have information I am looking for. Could you please point me to where I can access this.
I found the document at Cisco's download site. Not sure if you are able to reach it but here it goes anyway:
Hope it helps.
Thanks a bunch Otavio. I was able to reach it.
I had a related question on this link, do let me know if you've seen a similiar usecase with Cisco Portal.