McDewey

example, enable the recovery URL before you change the domain or hostname of a server. Logging in to the recovery URL facilitates an update of the server metadata. The recovery URL does not work for end users (LDAP or local) trying to log in to the Self Care portal. Note Before you begin • Only application users with administrative privileges can access the recovery URL. • If SAML SSO is enabled, the recovery URL is enabled by default. You can enable and disable the recovery URL from the CLI. For more information about the CLI commands to enable and disable the recovery URL, see the Command Line Interface Guide for Cisco Unified Communications Solutions. Procedure In your browser, enter https://hostname:8443/ssosp/local/login. Update Server Metadata After a Domain or Hostname Change After a domain or hostname change, SAML Single Sign-On is not functional until you perform this procedure. If you are unable to log in to the SAML Single Sign-On window even after performing this procedure, clear the browser cache and try logging in again. Note Before you begin If the recovery URL is disabled, it does not appear for you to bypass the Single Sign-On link. To enable the recovery URL, log in to the CLI and execute the following command: utils sso recovery-url enable. Procedure Step 1 In the address bar of your web browser, enter the following URL: https://<Unified CM-server-name> where <Unified CM-server-name> is the hostname or IP address of the server. Step 2 Click Recovery URL to bypass Single Sign-On (SSO). Step 3 Enter the credentials of an application user with an administrator role and click Login. Step 4 From Cisco Unified CM Administration, choose System > SAML Single Sign-On. Step 5 Click Export Metadata to download the server metadata. SAML SSO Deployment Guide for Cisco Unified Communications Applications, Release 15 and SUs 32 SAML SSO Configuration Update Server Metadata After a Domain or Hostname Change