Active Directory Federation Services (AD FS) is a software component that provides single sign-on (SSO) authorization services to users. This feature lets users access multiple applications on the server by authenticating only in one of the applications.
For example, a user who is logged in to Lexmark Management Console (LMC) can already access Lexmark Print Management Console.
Proof Key for Code Exchange (PKCE) is a lightweight mechanism implemented in the application that requests an authorization code. LPM and LDD support it as a simple extension to the Authorization 2.0 authorization code grant. With the integration of the third-party open source application Keycloak, PKCE allows users to authenticate once and access multiple applications without reentering their credentials.
Notes:
For LMC, when creating a client-server application, select web browser accessing a web application as the application type.
Make sure to add the following:
Redirect URI—
Logout URI—
For LPM, when creating a client-server application, select Native application or Native application accessing a web API as the application type.
Make sure to add the following:
Redirect URI—
Logout URI—
Open Windows Explorer.
Navigate to
.Edit
.From the Location /printrelease/ block, append the following before the closing double quotes (replace the value of
):Add the following at the end of the file (replace the value of
):Save the file.
Restart the Apache2.4 service.
On the upper-right corner of Print Management Console, click .
Click Login.
From the Type menu, select AD FS SSO.
In the Login Group text field, type the name of the Active Directory or LDAP group that is provided with administrator access or privilege to Print Management Console.
Click Save Changes.
Click on the upper-right corner of Print Management Console.
Configure the AD FS and LDAP server settings:
Type the address of the AD FS server.
Import the SSL certificate for LPM to communicate to the AD FS server.
Type the client ID.
Type the client secret.
Type the scope of the client.
Click Save Changes.
Click Add.
Configure the server details.
Click Save Changes.