IBM Security Identity Governance and Intelligence, Version 5.2.3.1

Managing LTPA-based single sign-on configuration

Use the LTPA-based Single Sign-On Configuration page to generate, import, or export LTPA keys and to configure or unconfigure single sign-on for the IBM® Security Identity Governance and Intelligence virtual appliance.

About this task

These tasks must be performed on a stand-alone node or the primary node of a cluster environment. In a cluster environment, you must synchronize the nodes to propagate the changes that you made on the primary node.

If you want to use LTPA-based single sign-on with IBM Security Identity Manager, you must export the LTPA key from IBM Security Identity Manager. Then, import the key to IBM Security Identity Governance and Intelligence.

For more information about single sign-on, see Single sign-on overview.

Procedure

  1. From the top-level menu of the Appliance Dashboard, click Configure > LTPA based Single Sign-On Configuration. The Single Sign-On Configuration page displays a table with these column names.
    Single Sign-On Configuration
      Specifies SSO configuration as the name of the single sign-on authentication that is being used.
    SSO Configured
      Indicates whether single sign-on is enabled. If SSO is configured, the value is True.
    LTPA Key Available
      Indicates whether the LTPA key exists. After an LTPA key is generated or imported, the value is True.
  2. On the LTPA-based Single Sign-On Configuration page, do one of these actions. The actions that are available depend on the node you are working from.
    Table 1. LTPA-based Single Sign-On Configuration action items
    Action: Create an ltpa.key file and password
    Button: Generate
    Description:
      1. Click Generate.
      2. Specify a password for the LTPA key file.
      3. Confirm the password.
      4. Click Save Configuration.

    Action: Import the LTPA key file that is used by another virtual appliance
    Button: Import
    Description:
      1. Click Import LTPA key.
      2. Use Browse to locate the LTPA key file.
      3. Enter the password for the key file.
      4. Click Save Configuration.

    Action: Download the LTPA Key that is used by the virtual appliance
    Button: Export
    Description:
      1. Select the LTPA key.
      2. Click Export LTPA key.
      3. Select Save File.
      4. Click OK.
      The LTPA key file is saved to your Downloads directory.

    Action: Remove the current LTPA key
    Button: Delete
    Description: This option is available if an LTPA key exists.
      1. Click Delete.
      2. Click Yes on the confirmation message to delete the current LTPA key.

    Action: Refresh the single sign-on information
    Button: Refresh
    Description: Click Refresh to display the most recent version of the data, including changes that were made to the data since it was last refreshed.

    Action: Set up single sign-on authentication
    Button: Configure
    Description:
      • Click Configure.
      • Choose the domain option that you want to use.
        • Use the domain from the URL that you are logged in to.
        • Use a custom domain name. Specify the domain name in the SSO domain names: field.
      • Type the realm name, for example myrealm.mycompany.com.
      • Specify the URL that you want to return to when you sign off.
      • Click Save Configuration.

    Action: Remove single sign-on configuration
    Button: Unconfigure
    Description: This option is available if single sign-on is configured.
      1. Click Unconfigure.
      2. Click Yes on the confirmation message to unconfigure single sign-on.
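
Added example (not part of the IBM documentation): after the LTPA key is exported from IBM Security Identity Manager and imported here, one way to confirm that both sides hold the same key is to compare the two exported files by fingerprint instead of a byte diff, which reports false differences for reordered lines, escaped characters and creation dates. It assumes the export is a Java-properties file with WebSphere-style com.ibm.websphere.* property names, which this page does not document; the sample contents and all function names are constructed for illustration.

```python
import hashlib
import re

# Assumption: properties that legitimately differ between two exports of one key.
IGNORED = {"com.ibm.websphere.CreationDate", "com.ibm.websphere.CreationHost"}

def _unescape(s):
    # Drop the backslash of \= \: \\ escapes (\uXXXX and continuations not handled).
    return re.sub(r"\\(.)", r"\1", s)

def parse_properties(text):
    """Parse Java-properties text into {name: value}."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        i = 0
        while i < len(line) and line[i] not in "=:":  # first unescaped separator
            i += 2 if line[i] == "\\" else 1
        props[_unescape(line[:i]).strip()] = _unescape(line[i + 1:].strip())
    return props

def fingerprint(value):
    """Short SHA-256 tag so key material never appears in output or logs."""
    return None if value is None else hashlib.sha256(value.encode()).hexdigest()[:16]

def compare_key_files(text_a, text_b):
    """Return {name: (fp_a, fp_b)} for every non-ignored property that differs."""
    a, b = parse_properties(text_a), parse_properties(text_b)
    names = sorted((set(a) | set(b)) - IGNORED)
    return {n: (fingerprint(a.get(n)), fingerprint(b.get(n)))
            for n in names if a.get(n) != b.get(n)}

# Constructed samples, not real key material.
ISIM_EXPORT = r"""#constructed sample
com.ibm.websphere.CreationDate=Mon Jan 01 2024
com.ibm.websphere.ltpa.3DESKey=CONSTRUCTED3DESAAAA\=\=
com.ibm.websphere.ltpa.PrivateKey=CONSTRUCTEDPRIVAAAA\=
com.ibm.websphere.ltpa.PublicKey=CONSTRUCTEDPUBAAAA
"""
IGI_EXPORT = r"""com.ibm.websphere.ltpa.PublicKey=CONSTRUCTEDPUBAAAA
com.ibm.websphere.ltpa.PrivateKey=CONSTRUCTEDPRIVAAAA=
com.ibm.websphere.ltpa.3DESKey=CONSTRUCTED3DESAAAA==
com.ibm.websphere.CreationDate=Tue Feb 06 2024
"""
STALE_EXPORT = IGI_EXPORT.replace("CONSTRUCTEDPRIVAAAA", "CONSTRUCTEDOLDPRIVAA")

if __name__ == "__main__":
    print(compare_key_files(ISIM_EXPORT, STALE_EXPORT))
```

An empty result means the key material matches. Delete the exported files from the Downloads directory once the comparison is done, since they contain the key.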