Get up and running Zentral on Google Cloud Platform — Chapter 4

Preparation

Log in to Okta and create a new custom app. You must select the SAML 2.0 protocol here.

  • Single sign on URL (the ACS link to fill in here)
  • Audience URI (the Metadata link to fill in here)
  • Other settings are optional, so we ignore them in our example and stick with the defaults already set

ACS: https://zentral.apfelwerk.net/saml2/acs/
Metadata: https://zentral.apfelwerk.net/saml2/metadata/

Zentral edits

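Set up realms for SAML 2.0 in the web interface.

Save the Okta IdP metadata to a file on the Zentral host:

sudo vim /home/zentral/conf/OKTA_IDP_METADATA.xml

Edit the systemd unit of the web app and set these two variables:

sudo vim /etc/systemd/system/zentral_web_app.service
  • Environment=ZENTRAL_SAML2_IDP_NAME
  • Environment=ZENTRAL_SAML2_IDP_METADATA_FILE

Reload systemd and restart the web app:

sudo systemctl daemon-reload
sudo systemctl restart zentral_web_app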

Enable users/groups

The last action required for this SSO setup is in the Okta > People section. Here we need to assign or enable a user or group of users to access the app with SSO.

Wrap up

We’ve reached the end of this chapter. We have a production-ready SSO setup for Zentral. Based on GCP in a free tier, we can now move on to the client-facing features in Zentral. You could review our initial resources posting, and stay tuned for future tutorials.

zentral

We’re the developers behind Zentral. We operate a consultancy business, provide expertise and services all around Mac management. Contact: https://zentral.pro