Ask the Community
Groups
Adding Egnyte - Connect IT Community | Kaseya
<main> <article class="userContent"> <p><strong>Question</strong></p> <p>How do we configure Egnyte for SAML Access.</p> <p> </p> <p><strong>Answer</strong></p> <p><strong> To configure Egnyte in the Single Sign On Manager please follow these steps</strong></p> <ol><li>Select <strong>Directory Manager</strong>.</li> <li>Select <strong>Groups</strong>.</li> <li>Select the green plus sign in the bottom right corner.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/BBGTCDH42MWB/blue-png.png" alt="blue.PNG" width="48" height="45" class="embedImage-img importedEmbed-img"></img></li> <li>Name the Group <strong>Egnyte</strong> <strong>Users</strong>.<br><strong>Note</strong>: If you have other existing Groups for SSO users you can use one of these as well. </li> <li>Select <strong>ADD GROUP</strong>.</li> <li>Select <strong>SSO Manager</strong>.</li> <li>Select the green plus sign in the bottom right corner.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/BBGTCDH42MWB/blue-png.png" alt="blue.PNG" width="48" height="45" class="embedImage-img importedEmbed-img"></img></li> <li>Select the Catalog Icon.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/BBGTCDH42MWB/blue-png.png" alt="blue.PNG" width="48" height="45" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Egnyte</strong> from catalog.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/3028O8OX76J9/1-png.png" alt="1.PNG" class="embedImage-img importedEmbed-img"></img><br><br></li> <li>Select <strong>Application is Enabled</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/K1GY3G75N0DC/2-png.png" alt="2.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Protocol Setup</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/W8O9D3D9QLE6/3-png.png" alt="3.PNG" class="embedImage-img importedEmbed-img"></img><br>Update the <strong>Assertion Consumer Service URL</strong> to reflect your own Egnyte domain.</li> <li>Select Add Application.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/5I2XLH0OYJLA/4-png.png" alt="4.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Permissions</strong>.</li> <li>Select <strong>Add Groups.<br></strong>Select the <strong>Group</strong> you chose in Step 4.</li> <li>Select <strong>Signing and Encryption</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/6BI0KP0WN0MM/5-png.png" alt="5.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Copy</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/3UH1ENRCFXAO/6-png.png" alt="6.PNG" class="embedImage-img importedEmbed-img"></img><br><strong>Copy</strong> the encoded certificate like this sample including the <br>-----BEGIN CERTIFICATE-----<br>-----END CERTIFICATE-----<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/MIKBBB7YA2IA/7-png.png" alt="7.PNG" class="embedImage-img importedEmbed-img"></img><br>Note: Save this using a notepad document using a .CER file type. You will need this for the Egnyte portion of the configuration.</li> <li>Select <strong>Save Changes</strong>.</li> </ol><p> </p> <p><strong>Configuring Egnyte for Single Sign On</strong></p> <ol><li>Log in to the Egnyte Admin console, and navigate to the Configuration tab.</li> <li>Select Security & Authentication from the left menu. Scroll down to the Single Sign-on Authentication section. Select SAML 2.0 authentication, with CustomRedirect as the IdentityProvider. Fill out your SSO details for login URL and entity ID.<br>Note: CustomRedirect has been replaces by Generic HTTP POST.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/IK26KCYRBHGZ/egnysso01.png" alt="egnySSO01.png" class="embedImage-img importedEmbed-img"></img><br>Enter the information copied from Passly in the text boxes provided:<br>Issuer URL:Issuer URL <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28Your">https://(Your</a> On-Demand Tenant)/trust<br><strong>SSO Endpoint</strong>: SAML2.0 Endpoint (HTTP) URL <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28Your">https://(Your</a> On-Demand Tenant)/signin <br><strong>SSO Logout Endpoint</strong>: SLO Endpoint (HTTP) URL <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28Your">https://(Your</a> On-Demand Tenant)/apps <br><strong>Note</strong>: Replace <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28Your">https://(Your</a> On-Demand Tenant) with your actual tenant URL<br><strong>Certificate</strong>: X.509 Certificate</li> <li>Paste the encoded certificate (without the BEGIN CERTIFICATE or END CERTIFICATE parts) into the Identity Provider Certificate field.<br>Leave the Default user mapping as Email Address</li> <li> <strong>Save</strong> the settings.</li> </ol><p><br>Users in Egnyte must be manually enabled for SSO. To enable a user, complete the following steps. <img src="https://us.v-cdn.net/6032361/uploads/migrated/K6NIN3GBI28A/egnysso02.png" alt="egnySSO02.png" class="embedImage-img importedEmbed-img"></img></p> <ol><li>Go the the Users & Groups tab in Egnyte Admin console</li> <li>Select a User to view their details</li> <li>Select Profile from the left menu</li> <li>Change their Authentication to SSO</li> <li>Enter their AuthAnvil On Demand principal name as the IdP Username</li> <li>Save the settings.</li> </ol><p><br>To verify, have the user sign in. They should be redirected to AuthAnvil On Demand after entering their Egnyte username or email address, and begin the authentication process.</p> </article> </main>