My environment for siteminder is configured with Oracle directory services for authentication and authorization purpose. If i want to configure one or some urls with Active directory for authentication and authorization mean How will I configure it ? At present I have utilized the Windows Authentication scheme but its working as IWA .. I want to configure a Login page with Active directory for authentication and authorization. Please help
In a very crude basic setup (as we do not know much about the infrastructure).
/URL1 ---> Protected via PolicyDomain1 / Realm --> Realm is linked to AuthScheme Basic.
/URL2 ---> Protected via PolicyDomain2 / Realm --> Realm is linked to AuthScheme IWA.
/URL3 ---> Protected via PolicyDomain3 / Realm --> Realm is linked to AuthScheme HTML Forms.
PolicyDomain1 is linked to ODS.
PolicyDomain2 and PolicyDomain3 is linked to AD.
NOTE : In the above usecase all URLs are different. Hence it is easy to segregate the protection mechanisms. If your usecase is different, kindly break the usecase giving some example like above. If you wish to use the same URL for IWA and Forms, there is not a solution OOB [You'll need customization].
Thanks for your reply Hubert,
I have also tried configure the HTML forms as Authscheme and mapping the AD user directory in the domain. but I'm unable to successfully access the resource, it keeps on coming to the same log in page.
That suggests to me an Authentication failure (Check the smaccess.log on Policy Server).
Things to check.
In addition to what Hubert mentioned, AD and Oracle directory search filter is different. AD is using samAccountName while Oracle directory server use uid.
smaccess log and policy server trace log will give us better hints on why user unable to login.