
LDAP, ADFS Integration

LDAP Integration

LDAP, or Lightweight Directory Access Protocol, serves as a “phone book” for networks. It offers centralized storage for usernames, passwords, and user attributes. LDAP verification is crucial for user identity and permission management, providing the fundamental mechanism for logging in with credentials.

Configure LDAP

LDAP setup can be accomplished via the identity provider or vuSmartMaps™, with the latter utilizing the identity provider’s API. The process involves various settings like Connection URL, Bind DN, and more.

LDAP Configuration Guide

Follow these step-by-step instructions to configure LDAP Integration using the identity provider’s User Federation section:

  1. Accessing the Configuration Page: Open the identity provider administration console and navigate to the “User Federation” section. Click on Add LDAP Providers to begin the configuration process.



  2. Setting up the LDAP Provider: You’ll be presented with a form similar to the one shown below:



    • Connection URL: Enter the URL where the LDAP server is hosted. Identity Provider (IDP) will use this URL to establish a connection.
    • Enable StartTLS: Choose to encrypt the LDAP connection using StartTLS, enhancing security.
    • Bind DN: Provide the Distinguished Name (DN) of the LDAP admin. IDP will use this DN to access the LDAP server.
    • Bind Credentials: Input the password of the LDAP admin.
    • Edit Mode: This setting’s value is enforced as READ_ONLY, ensuring security and stability.
    • Users DN: Specify the full DN of the LDAP tree where user data is located.
    • Username LDAP Attribute: Define the LDAP attribute that is mapped as the IDP’s username.
    • RDN LDAP Attribute: Set the LDAP attribute used as the RDN (top attribute) of the typical user DN.
    • UUID LDAP Attribute: Specify the LDAP attribute serving as a unique object identifier (UUID) for LDAP objects.
    • User Object Classes: List all values of the LDAP objectClass attribute for users in LDAP, separated by commas.
    • User LDAP Filter: Add an additional LDAP filter for narrowing the set of users searched. Leave it empty if not needed; if set, it must start with "(" and end with ")".
    • Pagination: Indicate whether the LDAP server supports pagination.
  3. Complete the Configuration: Fill in the required fields based on your LDAP setup. Once all the settings are configured, proceed to the next step.
  4. Save and Test Configuration: After entering the necessary information, save the configuration. The identity provider will validate the setup by testing the connection to the LDAP server.
  5. Verification and Activation: Once the configuration is saved and tested successfully, you can proceed to activate the LDAP Integration. This will enable users to log in using their LDAP credentials.
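The settings above combine into a single user lookup, and several of them have a security consequence. The following Python is an added example (not vuSmartMaps or identity-provider code) that composes the lookup filter from Username LDAP Attribute, User Object Classes and User LDAP Filter while escaping the typed username, and reviews a settings dictionary for the weak values a defender checks before saving. The AND-composition of the filter and the dictionary key names are assumptions.

```python
# Added example (not vuSmartMaps or identity-provider code). The AND-composition
# of the lookup filter and the settings key names are assumptions.

def escape_filter_value(value: str) -> str:
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)

def build_user_search_filter(username, username_attr, object_classes, extra_filter=""):
    """Compose the filter that locates one user from the provider settings above."""
    extra = extra_filter.strip()
    if extra and not (extra.startswith("(") and extra.endswith(")")):
        raise ValueError("User LDAP Filter must start with '(' and end with ')'")
    # Escaping keeps a typed username from altering the filter structure.
    clauses = [f"({username_attr}={escape_filter_value(username)})"]
    clauses += [f"(objectClass={oc.strip()})" for oc in object_classes.split(",") if oc.strip()]
    if extra:
        clauses.append(extra)
    return "(&" + "".join(clauses) + ")"

def review_ldap_settings(cfg: dict) -> list:
    """Return findings for weak or inconsistent settings; an empty list means ok."""
    findings = []
    url = cfg.get("connection_url", "")
    if url.startswith("ldap://") and not cfg.get("start_tls", False):
        findings.append("ldap:// without StartTLS: bind password and user data travel in clear")
    elif not url.startswith(("ldap://", "ldaps://")):
        findings.append("connection_url must use ldap:// or ldaps://")
    if not cfg.get("bind_dn"):
        findings.append("bind_dn is empty (anonymous bind)")
    if cfg.get("edit_mode") != "READ_ONLY":
        findings.append("edit_mode must be READ_ONLY so the IDP never writes to the directory")
    if not cfg.get("users_dn"):
        findings.append("users_dn is empty; the search would start at the directory root")
    extra = cfg.get("user_ldap_filter", "").strip()
    if extra and not (extra.startswith("(") and extra.endswith(")")):
        findings.append("user_ldap_filter must be wrapped in parentheses")
    return findings

# Constructed sample settings: a weak draft and its hardened version.
WEAK_SETTINGS = {"connection_url": "ldap://ldap.example.internal:389", "start_tls": False,
                 "bind_dn": "", "edit_mode": "WRITABLE", "user_ldap_filter": "",
                 "users_dn": "ou=people,dc=example,dc=internal"}
HARDENED_SETTINGS = dict(WEAK_SETTINGS, connection_url="ldaps://ldap.example.internal:636",
                         bind_dn="cn=idp-reader,ou=service,dc=example,dc=internal",
                         edit_mode="READ_ONLY", user_ldap_filter="(memberOf=cn=app-users,ou=groups,dc=example,dc=internal)")

if __name__ == "__main__":
    print(build_user_search_filter("alice", "uid", "inetOrgPerson, person", HARDENED_SETTINGS["user_ldap_filter"]))
    print(review_ldap_settings(WEAK_SETTINGS), review_ldap_settings(HARDENED_SETTINGS))
```

The bind account in the hardened sample is a dedicated read-only reader, which is what READ_ONLY edit mode assumes.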

Mappers

Mappers play a crucial role in synchronizing roles and memberships. Our API supports three mapper types:

  1. Group Mapper: Maps groups defined in LDAP to identity provider groups.
  2. User Attribute Mapper: Maps attributes from LDAP user to IDP user attributes.
  3. Hardcoded Attribute Mapper: Hardcode a value to a user attribute.

Signing in with LDAP Provider

Once successfully configured, logging in through the LDAP provider is as straightforward as a standard login. The Identity Provider uses default username/password forms for authentication.

ADFS Integration

Active Directory Federation Services (ADFS), provided by Microsoft, is a Windows Server feature extending single sign-on (SSO) access to applications and systems outside the corporate firewall. ADFS operates on a claims-based access control authorization model.

ADFS enables SSO across secure boundaries like the internet, allowing users to utilize their local credentials for external systems. It establishes trust relationships between different systems, enabling users to present tokens for access.

Configure ADFS

ADFS configuration can be performed using either the identity provider or vuSmartMaps. The vuSmartMaps ADFS configuration API wraps around the identity provider’s API.

ADFS Configuration Guide

Follow these step-by-step instructions to configure OpenID Connect v1.0 using the Identity Providers section:

  1. Accessing the Configuration Page: Open the identity provider’s administration console and navigate to the “Identity Providers” section. Click on OpenID Connect v1.0 in the User-defined section to initiate the configuration process.



  2. Setting up the OpenID Provider: You’ll be presented with a form similar to the one shown below:




    • Alias: Choose a unique alias to identify your identity provider in the IDP.
    • Display Name: Define the name that will be displayed to users in the login form. For example, if you use “Azure AD” as the display name, a corresponding button “Sign in with Azure AD” will appear in the login form.
    • Display Order: If configuring multiple identity providers, set the display order to determine button rendering in the UI. Leave it blank for default ordering.
    • Discovery Endpoint: Provide the OpenID configuration URL for the app registered with your identity provider. This URL enables the IDP to fetch necessary URLs like token URL, authentication URL, userinfo endpoint, etc.
    • Client Authentication: Specify how the IDP will interact with the identity provider. Use the default value (“Client secret sent as post”) unless instructed otherwise.
    • Client ID and Client Secret: Obtain these values from the app registered with your identity provider.
  3. Complete the Configuration: Fill in the required fields based on your OpenID Connect setup. Once all the settings are configured, proceed to the next step.
  4. Save and Test Configuration: After entering the necessary information, save the configuration. The IDP will validate the setup by testing the connection to the OpenID provider.
  5. Verification and Activation: Once the configuration is saved and tested successfully, you can proceed to activate the OpenID Connect integration. This will enable users to log in using the configured OpenID provider.
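The Discovery Endpoint is where the IDP obtains the token, authorization, userinfo and JWKS URLs. The following Python is an added example (not vuSmartMaps or identity-provider code) that parses a constructed discovery document of that shape and applies the checks worth running before trusting it: the required fields are present, the issuer matches the discovery URL it was fetched from, every endpoint is HTTPS, and the provider advertises the "Client secret sent as post" authentication method the page uses by default. The hostnames and tenant value are placeholders.

```python
# Added example (not vuSmartMaps or identity-provider code): what the IDP reads
# from the Discovery Endpoint, with checks worth running before trusting it.
import json
from urllib.parse import urlsplit

# Constructed sample discovery document; hostnames are placeholders.
ISSUER = "https://login.example-tenant.invalid/tenant-id-placeholder/v2.0"
DISCOVERY_URL = ISSUER + "/.well-known/openid-configuration"
SAMPLE_DISCOVERY = json.dumps({
    "issuer": ISSUER,
    "authorization_endpoint": "https://login.example-tenant.invalid/tenant-id-placeholder/oauth2/v2.0/authorize",
    "token_endpoint": "https://login.example-tenant.invalid/tenant-id-placeholder/oauth2/v2.0/token",
    "userinfo_endpoint": "https://graph.example-tenant.invalid/oidc/userinfo",
    "jwks_uri": "https://login.example-tenant.invalid/tenant-id-placeholder/discovery/v2.0/keys",
    "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt"],
})

REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_uri")

def validate_discovery(discovery_url: str, document: str) -> list:
    """Return problems found in the document; an empty list means it is usable."""
    doc = json.loads(document)
    problems = [f"missing {key}" for key in REQUIRED if key not in doc]
    if problems:
        return problems
    # OpenID Connect Discovery: the document lives at issuer + "/.well-known/openid-configuration",
    # so a mismatched issuer means tokens would be validated against a different provider.
    if discovery_url != doc["issuer"].rstrip("/") + "/.well-known/openid-configuration":
        problems.append("issuer does not match the discovery URL")
    for key in ENDPOINTS:
        if key in doc and urlsplit(doc[key]).scheme != "https":
            problems.append(f"{key} is not https")
    # The page's default Client Authentication is "Client secret sent as post";
    # the spec default when the list is absent is client_secret_basic.
    methods = doc.get("token_endpoint_auth_methods_supported", ["client_secret_basic"])
    if "client_secret_post" not in methods:
        problems.append("provider does not advertise client_secret_post")
    return problems

def endpoints_for_idp(document: str) -> dict:
    """The URLs the IDP fetches from the document instead of asking for them one by one."""
    doc = json.loads(document)
    return {key: doc[key] for key in ENDPOINTS if key in doc}

if __name__ == "__main__":
    print(validate_discovery(DISCOVERY_URL, SAMPLE_DISCOVERY))
    print(endpoints_for_idp(SAMPLE_DISCOVERY))
```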

Mappers

Besides configuration, clients often create mappers to synchronize user roles and group memberships. Our API exposes three mapper types:

  1. Advanced Claim to Group: Assigns users to specific groups based on claims.
  2. Attribute Importer: Imports declared claims from tokens into user properties.
  3. Hardcoded Attribute: Sets a predefined value to a specific user attribute.

Signing in with ADFS Provider

Upon successful ADFS configuration, an additional login button will appear for the configured identity provider. Proper configuration prompts redirection to the provider’s authentication form. Once logged in, you will be redirected back to the IDP. If it’s your first login, you’ll need to provide additional user information.

  1. Access the ADFS Login: Upon successful configuration, a new button will appear alongside the regular login options. Click on this button to initiate the ADFS login process.



  2. Authentication Form: If your configuration is correct, clicking the ADFS login button will take you to the authentication form of the configured identity provider. Below are screenshots illustrating this process using Azure AD as an example:



  3. Completing the Provider Login: Once redirected to the external identity provider’s authentication form, follow its instructions to log in with your credentials for that provider. After successfully logging in there, you will be redirected back to the IDP.
  4. Additional User Information: If this is your first time signing in with the configured identity provider, you may be prompted to provide additional user information. This step ensures seamless integration for the identity provider.



  5. Logged in to External User Account: Once you’ve filled in the required information, you will be logged into vuSmartMaps as an external user. Enjoy a smooth login experience without the need for additional credentials.

💡Note: Depending on the mappers you’ve configured, users can be automatically assigned to groups based on the mapper logic. This streamlines access control and ensures that users are directed to the appropriate resources within the platform.

By successfully signing in with your ADFS provider, you enhance security and user experience by leveraging established authentication infrastructure and streamlined access to external systems.
