Professional Documents
Culture Documents
Network web application in the Cloud Manager. Here you specify some of the settings
you specified in the web application directly. For details, see "Configuring Blue Jeans
Network in Cloud Manager" on page 25-34.
Requirements
Requirements
A signed certificate. You can either download one from Cloud Manager or use your
organizations trusted certificate.
31
Description
Yes
No.
User provisioning
You can add users manually. Or, you can download a spreadsheet
from Blue Jeans, add your user data, then upload the spreadsheet file.
Blue Jeans also provides the option of automatic user provisioning.
User types
users, administrators
Users can reset their own passwords from the Forgot Password link
on the login screen.
Administrators cannot reset users passwords.
If you dont configure Blue Jeans Network with SAML SSO, you can
control security settings such as password strength, change
password options, and failed login notifications. These settings dont
apply when SAML SSO is enabled.
administrator credentials.
2 Click Admin > Group Settings > Security.
3 Select SAML Single Sign On.
32
Description
Enable automatic provisioning Blue Jeans Network recommends enabling automatic user provisioning.
Certificate path
Login URL
Copy and paste this value from the Cloud Manager application settings
to this field.
Copy and paste this value from the Cloud Manager application settings
to this field.
Logout URL
Copy and paste this value from the Cloud Manager application settings
to this field.
33
Option
Description
Copy and paste this value from the Cloud Manager application settings
to this field.
RelayState
Copy the value in Blue Jeans and paste the value into the application
setting in Cloud Manager.
Select this option, and then in the Email field, enter Email (no quotes).
The application that you just added opens to the Application Settings page.
7 On the Application Settings page, specify the following settings that are unique to this
application:
Option
Description
Paste in this value from the SAML Single Sign On settings in your
Blue Jeans Network admin settings area.
Login URL
Copy this value and paste it into the Login URL field in the SAML
Single Sign On settings in your Blue Jeans Network admin
settings area.
34
Option
Description
Copy this value and paste it into the Custom Error Page URL field
in the SAML Single Sign On settings in your Blue Jeans Network
admin settings area.
Logout URL
Copy this value and paste it into the Logout URL field in the SAML
Single Sign On settings in your Blue Jeans Network admin
settings area.
8 On the Application Settings page, expand the Additional Options section and
Description
Application ID
Configure this field if you are deploying a mobile application that uses
the Centrify mobile SDK, for example mobile applications that are
deployed into a Samsung KNOX version 1 container. The cloud service
uses the Application ID to provide single sign-on to mobile applications.
Note the following:
The Application ID has to be the same as the text string that is
specified as the target in the code of the mobile application written
using the mobile SDK. If you change the name of the web application
that corresponds to the mobile application, you need to enter the
original application name in the Application ID field.
There can only be one SAML application deployed with the name used
by the mobile application.
The Application ID is case-sensitive and can be any combination of
letters, numbers, spaces, and special characters up to 256 characters.
Select Show in User app list to display this web application in the user
portal. (This option is selected by default.)
If this web application is added only to provide SAML for a corresponding
mobile app, deselect this option so the web application wont display for
users in the user portal.
Security Certificate
These settings specify the security certificate used for secure SSO
authentication between the cloud service and the web application.
Select an option to change the security certificate.
Use existing certificate displays beneath it the certificate currently in
use. The Download button below the certificate name downloads the
current certificate through your web browser to your computer so you
can supply the certificate to the web application during SSO
configuration. Its not necessary to select this optionits present to
display current status.
Use the default tenant signing certificate selects the cloud service
standard certificate for use. This is the default setting.
Use a certificate with a private key (pfx file) from your local storage
selects any certificate you want to supply, typically your organizations
own certificate. To use this selection, you must click Browse to upload
an archive file (.p12 or .pfx extension) that contains the certificate
along with its private key. If the file has a password, you must enter it
when prompted.
35
9 On the User Access page, select the role(s) that represent the users and groups that have
Select Automatic Install for applications that you want to appear automatically for
users.
If you select Optional Install, the application doesnt automatically appear in the
user portal and users have the option to add the application.
10 (Optional) On the Policy page, specify additional authentication control for this
The above script instructs the cloud service to set the login user name to the users mail
attribute value in Active Directory and add .ad to the end. So, if the users mail
attribute value is Adele.Darwin@acme.com then the cloud service uses
36
assertion, if needed. In most cases, you dont need to edit this script. For more
information, see the SAML application scripting.
On the Changelog page, you can see recent changes that have been made to the
application settings, by date, user, and the type of change that was made.
Note
13 Click Workflow to set up a request and approval work flow for this application.
The Workflow feature is a premium feature and is available only in the Centrify Identity
Service App+ Edition. See Configuring Workflow for more information.
14 Click Save.
After configuring the application settings (including the role assignment) and the
applications web site, youre ready for users to launch the application from the user
portal.
http://na9.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/
d?orgId=00DE0000000IOFe&id=501E00000008txV&retURL=%2Fsol%2Fpublic%2Fsol
utionbrowser.jsp%3Fsearch%3Dadd%2Busers%26cid%3D000000000000000%26orgId%
3D00DE0000000IOFe%26t%3D4&ps=1
Blue Jeans Network SAML SSO FAQ:
http://na9.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/
d?orgId=00DE0000000IOFe&id=501E00000008u2a&retURL=%2Fsol%2Fpublic%2Fsol
utionbrowser.jsp%3Fsearch%3Dsaml%26cid%3D000000000000000%26orgId%3D00DE
0000000IOFe%26t%3D4&ps=1
Blue Jeans Network administrator getting started checklist:
http://na9.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/
d?orgId=00DE0000000IOFe&id=501E00000008tj4&retURL=%2Fsol%2Fpublic%2Fsolu
tionbrowser.jsp%3Fsearch%3Dadd%2Busers%26cid%3D000000000000000%26orgId%3
D00DE0000000IOFe%26t%3D4&ps=1
37
http://na9.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/
d?orgId=00DE0000000IOFe&id=501E00000008uxK&retURL=%2Fsol%2Fpublic%2Fsol
utionbrowser.jsp%3Fsearch%3Dadd%2Busers%26cid%3D000000000000000%26orgId%
3D00DE0000000IOFe%26t%3D4&ps=1
TCP/UDP ports used by Blue Jeans Network:
http://na9.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/
d?orgId=00DE0000000IOFe&id=501E00000008sfG&retURL=%2Fsol%2Fpublic%2Fsol
utionbrowser.jsp%3Fsearch%3DLync%26cid%3D000000000000000%26orgId%3D00DE
0000000IOFe%26t%3D4&ps=1
38