I am taking my first steps with OpenID to test Kopano-Meet afterwards.
I have installed the OpenID-Provider on the UCS-Master (4.4.6). I did not make any changes to the configuration. Host: srv01.mydomain.local (IP: 192.168.24.5)
Kopano (Core, WebApp, z-Push, Meet) are installed on a UCS member (4.4.6). Host: com01.mydomain.local (IP: 192.168.24.6)
From a client I can call the URL: https://ucs-sso.mydomain.local/.well-known/openid-configuration
There is also a UCS backup in the network. Host: backup01.mydomain.local (IP: 192.168.24.4)
In the “First steps” it says “If the app is installed on DC Master or Backup, make sure that it is also installed on all other servers that can be reached under the ucs-sso DNS CNAME”.
I have checked the DNS. The CNAME “sso-ucs” points to both (Master & Backup: 192.168.24.5, 192.168.24.4). Is this correct?
I have not made any changes to the DNS & LDAP yet.
Do I have to add “openid-connect-provider” in User -> Account -> SAML Settings?
The link https://ucs-sso.mydomain.local/.well-known/openid-configuration only works temporarily. Can this have anything to do with the UCS backup?
How can I solve this?
A little feedback: on the UCS this does not need to be added to the user, because “openid-connect-provider” is automatically added to the group “Domain Users”.
Exception: if the option "Do not add the SAML configuration to the Domain Users group." is activated in the app settings of openid-connect-provider.
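
The "First steps" note quoted in the question requires the app on every server reachable under the ucs-sso name, so each address behind that name should serve the discovery document. The following is an added example, not part of the original posts or of any Univention or Kopano code: it requests the document from each resolved address separately, keeping the TLS name and Host header set to the SSO name. It assumes the client trusts the UCS root CA; the function names are hypothetical.

```python
import http.client
import json
import socket
import ssl

DISCOVERY_PATH = "/.well-known/openid-configuration"

def resolve_all(name, port=443):
    """Every distinct IPv4 address the name (or its CNAME target) resolves to."""
    infos = socket.getaddrinfo(name, port, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def fetch_discovery(ip, name, port=443, timeout=5):
    """GET the discovery document from one backend IP. SNI and Host stay set
    to the SSO name, so the certificate is still validated against that name.
    Assumption: the UCS root CA is in the client's trust store."""
    ctx = ssl.create_default_context()
    raw = socket.create_connection((ip, port), timeout=timeout)
    conn = http.client.HTTPSConnection(name, port, timeout=timeout, context=ctx)
    conn.sock = ctx.wrap_socket(raw, server_hostname=name)  # pin to this IP
    try:
        conn.request("GET", DISCOVERY_PATH)
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()

def check_backends(name, resolve=resolve_all, fetch=fetch_discovery):
    """Return {ip: (ok, detail)} for every address behind the SSO name."""
    results = {}
    for ip in resolve(name):
        try:
            status, body = fetch(ip, name)
            doc = json.loads(body) if status == 200 else None
        except (OSError, ValueError, http.client.HTTPException) as exc:
            results[ip] = (False, f"error: {exc}")
            continue
        if doc is None:
            results[ip] = (False, f"HTTP {status}")
        elif not isinstance(doc, dict) or "issuer" not in doc:
            results[ip] = (False, "document has no issuer")
        else:
            results[ip] = (True, doc["issuer"])
    return results

if __name__ == "__main__":
    # Hostname taken from the question above.
    for ip, (ok, detail) in check_backends("ucs-sso.mydomain.local").items():
        print(f"{ip}: {'OK  ' if ok else 'FAIL'} {detail}")
```

An address that reports FAIL while another reports OK matches the symptom of a discovery URL that only answers some of the time.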