UC_KDC_SETTINGS - Single Sign-On

VariableSpeichert oder ermittelt Werte dynamisch zur Laufzeit. Auch ein eigener Objekttyp in der Automation Engine. for configuring the KDC  Single Sign-on mechanism.

Key

Value1

Restart necessary

Fully-qualified domain of the OS user

Department of the Automation EngineDiese Komponente steuert ein Automation Engine-System. Besteht aus verschiedenen Serverprozessen. system's user

No
KEYTAB Path and file name of the keytab file Yes
HTTP Name of the host the web interface is installed upon. Yes

Description

Logging in via KDC (Key Distribution Center) Single Sign-on to the Automation Engine system requires a suitable configuration via the variable object UC_KDC_SETTINGS.

The full instructions for Setting up Single Sign-On can be found in the Administrator Guide.

The variable is located in client 0000 and must be modified there. Transfer to another client is not possible since the settings apply to the entire system.

The following three definitions must be implemented in this variable:

  1. Specify keytab file
    Authentication is performed in Single Sign-on mode using the Keytab file. This value is therefore mandatory.
    Define a variable item using the "KEYTAB" key. Enter the path and name of the Keytab file in the associated value column.
  2. Specify domain
    The operating system users, which are for authentication, are searched for via Automation Engine users. If the Automation Engine client contains one or more users with the same name but a different department, a corresponding assignment must be defined via the variable object. The fully-qualified domain name of the operating system user (Key column) must be assigned to the AE user's department (Value1 column).
  3. Specify HTTP as Service Principal Name
    In order to implement Single Sign-on for web applications (such as Automic Web Interface or Automic Release Automation"Automic Release Automation (ARA) ist eine End-to-end-Lösung für die Definition, Koordinierung, Planung von Freigabe-Prozessen und deren Automatisierung. Dies enthält auch die automatische Durchführung von Anwendungs-Deployments auf großen Serverumgebungen. [Früher ""Application Release Automation"", ""Release Manager"" und ""Deployment Manager"" genannt.]"), a keytab file with HTTP as Service Principal Name is required.
    The SPN name must also be entered in this variable using the "HTTP" key. If several AWIAutomic-Produkt: Übersichtliche und einfach zu bedienende Weboberfläche, mit welcher der Zugriff auf verschiedene Funktionalitäten der Automation Engine möglich ist./ARA installations are available for an Automation Engine system, then other names separated by a semi colon can be added. For details refer to the Setting up Single Sign-on page.

 

Also see:

Tabular Overview of all Variables
Variable