White Papers
Dell PowerEdge M1000e Chassis Management Controller Version 4.5 - Single Sign-On and Kerberos Model
Executive summary
This document explains the following:
• How Single Sign-On (SSO) works using Kerberos, a network authentication protocol
• Kerberos security mechanism
• Configuring the Dell Chassis Management Controller for SSO
The Dell Chassis Management Controller uses Kerberos to support single sign-on and Active Directory account
credentials to log in.
Background
It all started in early 1990, when some organizations moved to a combination of authentication protocols,
commonly known as Enterprise SSO (ESSO). These protocols later developed into a more advanced browser-based
plugin, Web Access Management (WAM).
Some protocols, like Kerberos, contain SSO features. However, the emphasis was on integrating applications within
the network perimeter only. Later, SSO was also aligned to cloud-based services, including Software as a Service
(SaaS).
In 2012, SSO technologies were developed to accommodate enterprises of all sizes. This was mainly due to the
Security Assertion Markup Language 2.0 (SAML) protocol, which became an Organization for the Advancement of
Structured Information Standards (OASIS) standard in 2005. The Simple Cloud Identity Management (SCIM) is the
latest protocol available. It defines a simple, RESTful protocol for identity account management operations.
About Single Sign-On
Single sign-on is an authentication process that allows network users to access all authorized network resources
without having to log in separately to each resource. Single sign-on allows the user to validate usernames and
passwords against the corporate user database or other client application rather than having separate usernames
and passwords.
The idea of today’s SSO is simple. The process authenticates the user for all the applications they have been given
rights to. This eliminates further prompts when they switch applications during a particular session. There are
various types of SSO. However, the preferred architecture is for a user to authenticate to a centrally managed
system, and for applications to trust that central system for identity information about the user rather than
re-authenticating.










