FAQ

What are the limitations of a sequence realm?

FAQ ID:    FAQ2099
Version:    1.0
Status:    Published
Published date:    04/23/2012
 

Answer

The ProxySG appliance uses sequence realms to allow for authentication within mixed environments.

The goal is to allow a user to provide a single set of credentials from whatever Authentication/Authorization Server they are using (Active Directory, Radius, Novell NetWare, etc) and the ProxySG will automatically check the credentials against each realm it has configured until it finds the one that can accept those credentials.

 

What a sequence realm does not provide is failover.

If a realm listed in the sequence has a server or other failure, the sequence realm will not move on to the next realm in the list, but will instead send an exception to the user, and authentication will fail.

 Also note that you can only add one IWA Realm to a Sequence Realm.

 If authentication failover is required within the ProxySG environment, then, in the case of IWA for example, multiple Domain Controllers should be pointed to, using multiple BCAAA Agents.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question