Create an SSO domain using LDAP and RADIUS. To do this, follow the steps below:

  1. In the LoadMaster User Interface (UI), go to Certificates & Security > LDAP Configuration.
  2. Specify the name of the LDAP endpoint configuration and click Add.

  3. Configure the settings of the LDAP endpoint as needed.
  4. In the LoadMaster UI, go to Virtual Services > Manage SSO.

  5. Enter the name of the SSO configuration in the text box under Add new Client Side Configuration and click Add.

    Note: The LDAP server does not need to be the same as the RADIUS server. For example, it can be an LDAP Windows Server that is already used in the domain.
  6. Select RADIUS and LDAP as the Authentication Protocol.
  7. Select the relevant LDAP Endpoint.
  8. Configure the other settings as needed.
    Note: The RADIUS Shared Secret should be the same as the one configured for radius_secret_1 as mentioned in the Configure Duo Auth Proxy and Start section.
  9. In the LoadMaster UI, go to Virtual Services > View/Modify Services.
  10. Click Modify on the relevant Virtual Service (or add a new one).
  11. Expand the ESP Options section.

  12. Select the Enable ESP check box.
  13. Select the relevant SSO Domain.
  14. Configure any other settings as needed.
Note: Any Real Server can be added to this service now. There are no additional configuration or installation requirements needed on the Real Server.