问题描述
我们正在测试Azure AD SSO作为CUCM的IdP。 CUCM配置为多服务器证书(SAN),它目前与OKTA一起作为IdP使用。 CUCM元数据包含一个entityID和几个用于Assertion Consumer Service的URL,此ACS包含
CUCM集群中每个节点的索引。
We are testing Azure AD SSO as IdP for CUCM. CUCM is configured for multiserver certificate (SAN) and it's currently working with OKTA as IdP. The CUCM metadata contains an entityID and several URLs for Assertion Consumer Service, this ACSs contain an index for each node in the CUCM cluster.
对于身份验证请求CUCM发送身份验证具有相同实体ID但具有不同ACS索引的请求(取决于发出身份验证请求的节点)。 Okta"知道"在哪里发送身份验证令牌,因为它包含
"回复网址"与其相应的索引。由于Azure SSO配置没有此"索引",因此配置选项它始终回复默认回复URL,因此身份验证仅适用于一个服务器。我已经看到在ADFS中也可以使用索引选项
。
For authentications requests CUCM sends the authentication request with the same entity ID but different ACS index (depending on the node that is making the authentication request). Okta "knows" where to send the authentication token since it contains the "reply URL" with its corresponding index. Since Azure SSO configuration doesn't have this "index" configuration option it always reply to the default reply URL, so authentication only works for one server. I have seen that Index option is also availble in ADFS.
我没有在Azure SSO配置上看到任何选项来配置这样的东西。我可以选择使其工作吗?
I don't see any option on Azure SSO configuration to configure something like this. Do I have an option to make this work?
推荐答案
这篇关于Azure SSO和思科呼叫管理器(CUCM)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!