Secure Mobile Access 12.4 Administration Guide

Additional Field for Custom Certificates

The custom SSL client certificate has an additional field to contain an employee ID number (a 10-digit number). This employee ID number can be parsed and passed to an Active Directory authentication server, which will use this additional information to determine the authorization and client access privilege of the client and add that client to the authorized group.

To generate and gain access to SMA with a custom certificate

  1. Create a custom certificate; include the Employee ID number in the custom field.

  2. Create a user group on the Active Directory authentication server based on the Employee ID number field.

  3. Create an SMA access policy for that user group on the Active Directory authentication server.

  4. Configure the Employee ID number field as the SSO username on the Active Directory authentication server.

  5. Configure Group Affinity Checking on the Active Directory authentication server.

  6. Add the appropriate resources and enable SSO for the configured username.

    The custom certificate is assigned to the client with that username and is installed on the client’s device. The client can now use that device to access SMA and all resources that are enabled with SSO for that client.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.