Completing the configuration process, Checking time synchronization, Enable ssl on saml bridge – Google Search Appliance Enabling Windows Integrated Authentication version 7.2 User Manual
Page 13
Google Search Appliance: Enabling Windows Integrated Authentication
13
Completing the Configuration Process
Follow steps in this section to complete the configuration process.
Checking Time Synchronization
The system clock of the SAML Bridge host and the system clock of the search appliance must be
synchronized to prevent the search appliance from invalidating authentication responses. The search
appliance treats an authentication response as invalid if the timestamp of the response is not close to
the time of the search appliance system clock.
Verify that these system clocks are synchronized.
If your environment uses Network Time Protocol (NTP), do the following:
1.
Check that an NTP server is running on your network.
2.
Test that the search appliance is configured to use NTP:
a.
In the search appliance Admin Console, go to Administration > Network Settings.
b.
Ensure that the NTP server is specified.
c.
Use the Network Diagnostics box to test connectivity between the search appliance and the
NTP server.
3.
Check that the NTP service is running on the SAML Bridge host, on the content servers, and on the
domain controller.
Ensuring Connectivity Between the Google Search
Appliance and SAML Bridge
Verify that the two systems can communicate with each other:
1.
In the Admin Console, go to Administrator > Network Settings.
2.
In Network Diagnostics, enter the URL for the Login.aspx file in the URLs to Test box as follows,
where your_ac_host is the name of the host on which SAML Bridge is installed:
http://your_ac_host:port/virtual_directory_name/Login.aspx
3.
Click Update and Perform Diagnostics.
If you discover problems here, check for network connectivity issues as you would for any two hosts.
Enable SSL on SAML Bridge
SSL is required by the SAML artifact consumer URL on the Google Search Appliance but not by the
search page or SAML Bridge. However, if you do not enable SSL on both the search appliance and SAML
Bridge host, secure searches display warnings about redirection to secured sites from non-secured
sites. Therefore, Google recommends that you enable SSL on both the search appliance and SAML
Bridge.
For information on how to enable SSL for the search appliance, in the Admin Console, click
Administration > SSL Settings. Use the online help that is available from that page for information.