McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 36

↗ View in doc context
page
36
source
cucm/v15/saml-sso/saml-sso.md
chunk_id
cucm::v15::saml-sso::saml-sso::33

Before you begin Make sure that you plan beforehand what type of SAML SSO agreement you want (cluster wide or per node), along with the certificate type. Procedure Step 1 On Cisco Unified Communications Manager, export a UC metadata file: a) From Cisco Unified CM Administration, choose System > SAML Single Sign On. b) Select an SSO Mode option: Cluster wide or Per Node. c) Select a Certificate option: System generated self-signed certificate or a Cisco Tomcat certificate. d) Click Export All Metadata and save the metadata file to a secure location. With cluster wide agreements, you will receive a single metadata file. With per node agreements, the zip file download contains a separate XML files for each cluster node. If you have IM and Presence Service deployed in a Standard deployment, Step 2 IM and Presence Service—If you have a Centralized Deployment for the IM and Presence Service, repeat step 1 on the standalone Unified CM publisher node that is a part of your IM and Presence central cluster. Note With IM and Presence Service Standard Deployments you can skip this task because the the metadata file that you downloaded from Unified Communications Manager in the previous step includes metadata for the IM and Presence Service cluster. Step 3 On Cisco Unity Connection, export a metadata file: a) From Cisco Unity Connection Administration, choose System Settings > SAML Single Sign On. b) Select the SSO Mode option: Cluster wide or Per node. c) Click Export All Metadata. Step 4 On Cisco Expressway-C, export a metadata file: a) On the Expressway-C primary peer, go to Configuration > Unified Communications > Configuration b) In the MRA Access Control section, choose either of the following options for the Authentication path: • SAML SSO authentication • SAML SSO and UCM/LDAP—Allows either method. c) Choose a SAML Metadata option: Cluster or Peer • Cluster—Single metadata file for cluster • Peer—Separate metadata files per node. d) Click Export SAML data. • For Cluster agreements, click Generate Certificate and then Download the certificate. • For Peer agreements, Download All. e) Save in a secure location. SAML SSO Deployment Guide for Cisco Unified Communications Applications, Release 15 and SUs 26 SAML SSO Configuration Initiate SSO Configuration on Collaboration Applications