Description
The following steps will be performed in the Microsoft Entra admin center as well as the Arctera insight Management Console to configure SSO.
1. Create a New application under Enterprise applications.
2. Choose to Create your own application
3. Enter a name for the application and choose option (Non-gallery)
4. Click Create
5. Select Single Sign-on then SAML
6. Choose Edit in the Basic SAML Configuration section
7. Enter the Identifier (Entity ID), Reply URL, and Sign on URL using the values for the correct data center. See tables below for this information. For Sign on URL the value should include the CID value. This can be found in the Arctera insight Management Console under Policy Management > Authentication Management.
7A - The Customer ID (CID) will need to be generated in the Arctera insight Management Console. It's an auto-generated hash value which is unique to each customer instance after changing the Authentication Type from Cloud Archive credentials. To access it, login to the Arctera insight Management Console > Policy Management > Authentication Management node. Once selected, it will generate the unique Customer ID.
- Set the Authentication Type to Single Sign-on - SAML 2.0 based
- Configure the other options as needed
- Click Save to continue to the next step
8. Return to Microsoft Entra admin center and enter the Sign on URL in the following format using the format Datacenter URL + /?CID_VALUE
Example: https://personal.us3.archive.veritas.com/?CID=12345633-2acb-4540-b9e4-eb2626123456
9. Save the configuration and close the Basic SAML Configuration window
10. Download the Base64 certificate from the SAML Certificates section. This will be uploaded to the Arctera insight Management Console SSO configuration
11. Copy the Login URL from the Setup up APP_NAME section. This will be used to complete the configuration in the Arctera insight Management Console
12. Return to the Arctera insight Management Console and upload the downloaded certificate to the Upload Your Public Key section
13. Enter the copied Login URL into the Validate Relying Trust section and click Validate
14. Click Save and then Activate SSO to complete the configuration
Note: Users or groups must be added to the created application in the Microsoft Entra admin center to allow them to utilize SSO.
Sign-on URL paths -
Identifier (Entity ID), Reply URL
| Datacenter | URL |
| USW01 | https://auth.lax.archivecloud.net |
| USW03 | https://auth.us3.archivecloud.net |
| EUW01 | https://auth.ams.archivecloud.net |
| AUE01 | https://auth.syd.archivecloud.net |
| CAC01 | https://auth.ca1.archivecloud.net |
| UKS01 | https://auth.uk1.archivecloud.net |
NOTE: SSO access for Personal Archive is the default use of the Application Login URL. SSO can also be enabled for Management and eDiscovery by Arctera Support.
***Create a case with Arctera Support to have SSO access enabled for Management or eDiscovery***
Once enabled, the SSO URL’s for Management and/or eDiscovery will have the CID at the end, as it is with the Personal Archive SSO URL. Please see the examples below:
- https://admin.us.archive.veritas.com?CID=###########
- https://discovery.us.archive.veritas.com?CID=###########
References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.