cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
199
Views
15
Helpful
6
Replies

How to setup SAML SSO authentication in Expressway C

Yenosh
Beginner
Beginner

How to setup SAML SSO authentication in Expressway C.

We want jabber users to login using SSO , can any one please guide how to enable it on expresscways

SSO enabled in CUCM cluster

6 Replies 6

Roger Kallberg
VIP Expert VIP Expert
VIP Expert

This is outlined in the MRA configuration guide. See this link for details on this. https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/expressway/config_guide/X12-7/exwy_b_mra-deployment/exwy_m_basic-configuration.html#task_A458A57F311E876761D31B48B30F5AD5

Basically it is these steps.

  1. Export the SAML metadata from your Expressway
  2. Configure a trust in the Identity Provider (IdP)
  3. Import the SAML Metadata from the IdP
  4. Associate Domains with an IdP

 



Response Signature


Yenosh
Beginner
Beginner

Hi all,

Thank for sharing the links to good docs, Please have a look on my obeservation

1) Export the SAML Metadata from the Expressway-C
2) import expressway file to Identity Provider( We are not handling IDP other team taking care of it, as it needs to be done by other tea,)
3) Import the SAML Metadata from the IdP and export to Expressway C
4) In Expressway-C, associate the domain to the Identity Provider.
5) Setauthetication path to :SAML SSO authentication/SAML SSO and UCM/LDAP.

Traversal zones are already configured inboth E and C.

As SSO enabled on call manager , so is it ok export SAML meta data file from call manager and import to Expressway C? or do I need to proceed with export the Metadata from the Expressway-C as it contains hostname of Expressway C.

Your description looks ok.
About CUCM-SSO: This has nothing to do with setting up SSO on Expressways, so you don't need to do anything with CUCM.

Thanks, I will work on it and let you know if it works or not

On your question about CM SSO, there is no part in that setup that has any correlation with the SAML metadata from the Expressway C. CM has its own SAML metadata and its own trust in the IdP. On your second part of that section I’m afraid that I don’t really understand what you’re asking about. Would you please mind to clarify?



Response Signature


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: