7.3 Single Sign-On

Single sign on (SSO) is a session and user authentication service that permits you to use one set of login credentials for example, a username and password to access multiple applications.

Perform the following steps to configure single sign-on

1. From the DSR NOAM, go to main menu Administration and then General Options, and in the General Options page, set Certificate Domain Name to tekelec.com.

   Figure 7-2 General options

   
   

   

   
   
2. From the Main Menu, go to Administration, and Access Control, and then Certificate Management, select Establish SSO Zone.
3. Provide Certificate Name as tekelec and then select Report and Copy only certificate(not private key).

   Figure 7-3 Certificate Management

   
   

   

   
   

   Figure 7-4 Certificate Management Report

   
   

   

   
   
4. From the main menu, go to Diameter and then, Troubleshooting with IDIH Configuration click Options then set IDIH Visualization address to IDIH FQDN only.

   Figure 7-5 FQDN

   
   

   

   
   
5. Ensure API Gateway Service SSL is enabled.
   1. Login to service VM.
   2. Edit cnidih_VM.yaml file in the cnidih portal section.
   3. Modify the following property GBU_RAPID_PUBLIC_SERVER_URL=https:\/\/idih.tekelec.com.
6. From the OAM, click Single Sign On and provide tekelec as certificate name and the copied certificate from NOAM in the certificate section.

   Figure 7-6 Single Sign on

   
   

   

   
   
7. The local system environment file where the user accesses SOAM and IDIH must be modified.

   For example:

   • 10.75.252.249 noam.tekelec.com
   • 10.75.252.145 soam.tekelec.com
   • 10.75.249.238 idih.tekelec.com

     Figure 7-7 System Host File

     
     

     

     
     
   • SSL certificate must have idih.tekelec.com and tekelec.com as DNS.
8. In your browser, open SOAM using FQDN soam.tekelec.com instead of IP. Then, click Analyze with IDIH for any trace. IDIH will open a new tab with FQDN without requiring you to log in.