Versions Compared

Old Version 11

changes.mady.by.user Tatiana Bieliakova

Saved on

compared with

New Version 12

changes.mady.by.user Tatiana Bieliakova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Html
<div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = 'https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.11';
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
Html
<div class="fb-like" data-href="https://confluence.wildix.com/x/rABOAg" data-layout="button_count" data-action="recommend" data-size="large" data-show-faces="true" data-share="true"></div>

...


Scroll export button
scopecurrent
template-id0fa09813-8b86-460a-aa1d-ef450a80e9ce
quick-starttrue
add-onScroll PDF Exporter

Info

This Guide describes how to set automatic Single Sign-On via Active Directory.

WMS Version: 5.X0 / 4.0X

Created: March 2019

Updated: May 2022

Permalink:   https://confluencewildix.wildixatlassian.comnet/wiki/x/rABOAg_QjOAQ

Table of Contents


Step 1. Generate KeyTab file in Active Directory

...

2. Go to Active Directory Users and Computers -> Computers and create a new computer account:


Image Added

Note

Notes:

  • This account should not contain a user with the same name.
  • It is recommended to avoid upper case.

...

When KeyTab is generated, it appears on the disk - d: \ some-name.keytab:

Image Added

Step 2. Upload KeyTab file to PBX

  • Go to WMS Settings -> PBX -> Security
  • Enable Active Directory Single SignOn via Kerberos (Negotiate)

  • Upload KeyTab file previously generated in Active Directory 

    Note

    Limitation: Only "0-9", "a-z", "A-Z", "_," '- ", "@", "." characters are allowed in KeyTab file name.


  • Enter Kerberos FQDN of the KeyTab. It contains encoded domain name/ IP address of PBX:

    Image Added


Step 3. Import users from AD

...

  • On Windows PC, connected to Active Directory, log in to the system with a user who was previously imported to PBX

  • Reach PBX via the domain name configured as Kerberos FQDN (the name must be resolved to PBX IP address). For example, glebka-test1.wildix2016.inc  

    Note

    Note: Configure your browser to authenticate SSO. Refer to the next chapter Browser configuration.


  • If everything is set up correctly, then you log in automatically to Collaboration with the user that you are logged in to Windows PC

...

Opera does not currently support Kerberos authentication.

...

Debugging

See instructions in case the following error messages are present in wms.log: 

...

Check the connection logs and find out what is the PrincipalName used for connection: USER@DOMAIN or USER? If there are no logs of the user, the issue could be the auth-server-whitelist. 


Macrosuite divider macro
dividerTypetext
dividerWidth70
emoji{"id":"smile","name":"Smiling Face with Open Mouth and Smiling Eyes","short_names":["smile"],"colons":":smile:","emoticons":["C:","c:",":D",":-D"],"unified":"1f604","skin":null,"native":"😄"}
textColor#000000
dividerWeight2
labelPositionmiddle
textAlignmentcenter
iconColor#0052CC
fontSizemedium
textNot finding the help you need? Join the Facebook group to ask a question!
emojiEnabledfalse
dividerColor#DFE1E6
dividerIconbootstrap/CloudsFill

Button macro
buttonTextFacebook
isButtonShadowOntrue
emoji{"id":"smile","name":"Smiling Face with Open Mouth and Smiling Eyes","short_names":["smile"],"colons":":smile:","emoticons":["C:","c:",":D",":-D"],"unified":"1f604","skin":null,"native":"😄"}
buttonBorderColor#4267b2ff
buttonColor#4267b2ff
buttonNewTabfalse
buttonFontColor#ffffff
buttonSizemedium
buttonIconColor#ffffff
buttonWidthDetection46
buttonHoverColor#ffffff
buttonIconfont-awesome/FacebookSquare
buttonTypeicon_left
buttonLink{"link":"https://www.facebook.com/groups/wildixtechwizards","source":"direct"}
buttonNewLink
buttonRadius3
buttonShadow0
id228
emojiEnabledfalse
buttonWidth20