Technical Documentation

Download PDFs
Configuring Infranet Controller Sign-in Policies (NSM Procedure)

Related Topics
Configuring Infranet Controller Standard Sign-in Pages (NSM Procedure)

Configuring Infranet Controller Sign-in Policies (NSM Procedure)

Sign-in policies define the URLs that users and administrators use to access the Infranet Controller and the sign-in pages that they see. The Infranet Controller has two types of sign-in policies—one for administrators and one for users. When configuring sign-in policies, you associate realms, sign-in pages, and URLs.

This topic contains the following information about sign-in policies:

Configuring Administrator Sign-In Policies

To define an administrator sign-in policies:

In the NSM navigation tree, select Device Manager > Devices.
Click the Device Tree tab, and then double-click the Infranet Controller device for which you want to define the administrator sign-in policies.
Click the Configuration tab. In the configuration tree, select Authentication > Signing In > Sign-in Policies > User/Administrator URLs.
Add or modify the settings for the User/Administrator URLs as specified in Table 1.
Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.

Table 1: Administrator Sign–in Policies Configuration Details

Option	Function	Your Action
Sign-in URL	Specifies the URL that you want to associate with the policy.	Enter the URL. Use the format <host>/<path>, where <host> is the hostname of the Infranet Controller and <path> is any string you want users to enter. For example, enter: users1.yourcompany.com/ic. To specify multiple hosts, use the * wildcard character. To specify that all administrator URLs should use the sign-in page, enter /admin. Note:* You may only use wildcard characters (*) in the beginning of the hostname portion of the URL. The Infranet Controller does not recognize wildcards in the URL path.
Description	Specifies the description for the policy.	Enter a brief description for the administrator sign-in policy.
Enable	Enables the sign-in policy option.	Select this option.
Sign-in Page	Specifies the page that you want to associate with the sign-in policy.	Select the sign-in page.
User Type	Specifies the user type.	Select Administrator, and click Add to move the required Admin Realms from the Non-members list to the Members list.
Realm Select	Specifies which realm(s) map to the policy, and how users and administrators should pick from among realms.	Select User types the realm name for the Infranet Controller to map the sign-in policy to all authentication realms, but do not provide a list of realms from which the administrator can choose. Instead, the administrator must manually enter the realm name into the sign-in page. Select User picks from a list of authentication realms for the Infranet Controller to map only the sign-in policy to the authentication realms that you choose. The Infranet Controller presents this list of realms when the administrator signs-in to the Infranet Controller and allows a realm to be chosen from the list. Note: The Infranet Controller does not display a drop-down list of authentication realms if the URL is only mapped to one realm. Instead, only the realm you specify is displayed.

Configuring User Sign-in Policies

To define user sign-in policies:

In the NSM navigation tree, select Device Manager > Devices.
Click the Device Tree tab, and then double-click the Infranet Controller device for which you want to define the user sign-in policies.
Click the Configuration tab. In the configuration tree, select Authentication > Signing In > Sign-in Policies > User/Administrator URLs.
Add or modify the settings for the User/Administrator URLs as specified in Table 2.
Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.

Table 2: User Sign–in Policies Configuration Details

Option	Function	Your Action
Sign-in URL	Specifies the URL that you want to associate with the policy.	Enter the URL.Use the format <host>/<path>, where <host> is the hostname of the Infranet Controller and <path> is any string you want users to enter. For example, enter: users1.yourcompany.com/ic. To specify multiple hosts, use the * wildcard character. To specify that all end–user URLs should use the sign-in page, enter */.
Description	Describes the user sign-in policies.	Enter a brief description for the user sign-in policies.
Enable	Enables the sign-in policy option.	Select this option.
Sign-in Page	Specifies the page that you want to associate with the sign–in policy.	Select the default page that comes with the Infranet Controller, a variation of the standard sign-in page, or a custom page that you create using the customizable UI feature. For more information, see “Configuring Standard Sign-In Pages.”
User Type	Specifies the user type.	Select User.
authentication-realms	Specifies the realm(s) that should be mapped to the sign-in policy.	Click authentication-realms. The Authentication dialog box appears. Select the Realm and Authentication Protocol. Click OK.
User may specify the realm name as a username suffix	Allows non-UAC endpoints to access the Infranet Controller by entering their credentials in the format user@realm.	Select this option.
Remove realm suffix before passing to authentication server	Allows users who enter their credentials with a suffix to send the user name without the suffix. Most authentication servers are not compatible with a realm suffix or decorated username.	Select this option.