Patrick-Dussault

Tech Tip : CA Single Sign-On : Integrating SSO with Microsoft Active directory

Discussion created by Patrick-Dussault Employee on Jun 5, 2018

Question:


I'd like to know how to integrate CA Single Sign-On with Microsoft Active Directory.

 

Answer:

 

At first glance, how-to and integration request should be addressed to
CA Services. We invite you to do it now.

 

CA Services
https://www.ca.com/us/services-support/ca-services.html?intcmp=headernav

 

Contact CA Services
https://www.ca.com/us/contact/services.html

 

But we can give you some paths to start your integration.

Usually, we use Active Directory as User Store. Here is the
documentation on how to configure it.

 

From our documentation,

 

Configure an Active Directory User Store Connection
https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/policy-server-configuration/user-directories/configure-an-active-directory-user-store-connection

 

Configure an Active Directory Global Catalog User Directory Connection
https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/policy-server-configuration/user-directories/configure-an-active-directory-global-catalog-user-directory-connection

 

Configure Active Directory as a Policy Store
https://docops.ca.com/ca-single-sign-on/12-8/en/installing/install-a-policy-server/configure-ldap-directory-servers-as-policy-session-and-key-stores/configure-an-ldap-directory-server-as-a-policy-store/configure-active-directory-as-a-policy-store

 

You can take a look at the Password Management integration with Active Directory here :

 

Tech Tip : CA Single Sign-On : Siteminder password Management
https://communities.ca.com/message/242114748-tech-tip-ca-single-sign-on-siteminder-password-management

 

Siteminder password Management

 

https://comm.support.ca.com/kb/siteminder-password-management/KB000096310

 

and some known issues :

 

Tech Tip : CA Single Sign-On : Policy Server authenticate user in Active Directory even if the User must change its password. No redirection happens.

 

https://communities.ca.com/message/241991055-tech-tip-ca-single-sign-on-policy-server-authenticate-user-in-active-directory-even-if-the-user-must-change-its-password-no-redirection-happens

 

Policy Server authenticate user in Active Directory even if the User must change its password. No redirection happens.

 

https://comm.support.ca.com/kb/policy-server-authenticate-user-in-active-directory-even-if-the-user-must-change-its-password-no-redirection-happens/kb000007349

 

Tech Tip : CA Single Sign-On : Cannot configure an AD Namespace in AdminUI

 

https://communities.ca.com/message/242112934-tech-tip-ca-single-sign-on-cannot-configure-an-ad-namespace-in-adminui

 

Cannot configure an AD Namespace in AdminUI

 

https://comm.support.ca.com/kb/cannot-configure-an-ad-namespace-in-adminui/KB000091884

 

KB : KB000098912

Outcomes