This new capability will let you automatically patch/apply OS package updates when the device boots. The next area to focus on are Photon OS automatic patching. It’s not the end of the world, but I would prefer something where you have to add users into the UAG and set roles to properly setup and secure access.įor those who use UAGDeploy, some of the settings you will want to add in are: #For Importing IDP Metadata# So unlike most SAML apps where your database in your application is the source of truth/accounts, you now allow your IDP to do it. If required, enter the SP issuer as The main concern that I do have with this new setup is your Identity Provider controls who can access things now. Once you import the metadata and turn things on, you just need to set your SSO URL, SP Entity ID, and SP Issuer similar to this table below: OptionĮnter the assertion consumer service URL as Audience URI (SP Entity ID) Check out my video on setting up Admin SSO: ![]() It’s a huge advancement that lets you deliver a stronger security mechanism around your admin access to lock down Admin Access stronger than ever before. In 2106, we now have the ability to deliver Single Sign-On for the Admin GUI powered by SAML. These are some truly great advancements on the password and account hardening, but now with 2106 we have moved it a step further! UAG Admin SSO We know that they’re bad and we need to fix it! Let’s talk about how UAG 2106 fixes them.įirst, you now get a setting during template customization to set the admin session idle timeout:Īdditionally, in the last few releases they now let you set password policies around the root password/admin password: I’m sure there’s plenty more, so let’s keep it simple.
0 Comments
Leave a Reply. |