What are the limitations of a sequence realm?


<< Back to Knowledge Search

Solution

Overview

The ProxySG appliance uses sequence realms to allow for authentication within mixed environments.

The goal is to allow a user to provide a single set of credentials from whatever Authentication/Authorization Server they are using (Active Directory, Radius, Novell NetWare, etc) and the ProxySG will automatically check the credentials against each realm it has configured until it finds the one that can accept those credentials.

 

What a sequence realm does not provide is failover.

If a realm listed in the sequence has a server or other failure, the sequence realm will not move on to the next realm in the list, but will instead send an exception to the user, and authentication will fail.

 Also note that you can only add one IWA Realm to a Sequence Realm.

 If authentication failover is required within the ProxySG environment, then, in the case of IWA for example, multiple Domain Controllers should be pointed to, using multiple BCAAA Agents.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ2099
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Topic      Authentication
Article Number      000014774
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat