Generally, after logging on to Alibaba Cloud, Alibaba Cloud users (including RAM-deactivated Alibaba Cloud accounts, Alibaba Cloud accounts, and RAM user accounts) can directly log on to and use DMS Enterprise at the address DMS console.
However, many enterprises have their own identity authentication systems. They want to enable enterprise users to use DMS directly after successfully logging on to their authentication systems, instead of jumping to Alibaba Cloud’s logon page to fill in logon information and log on again.
So how can enterprises achieve this?
An enterprise can simply use user-based Single Sign On (SSO) on Alibaba Cloud to meet the preceding requirement. The only prerequisite for users to use DMS is that they have logged on to Alibaba Cloud. Therefore, as long as an enterprise implements SSO to Alibaba Cloud, it also implements SSO to DMS.
For more information about user-based SSO on Alibaba Cloud, see:
This topic describes how to implement SSO to Alibaba Cloud by using Microsoft Active Directory (AD).
Note: Before getting started, we recommend that you read the preceding documents to understand the principles, configuration, and process of SSO.
Enter the logon address for a RAM user in the browser.
If SSO has been enabled, a text box prompting for your logon Enterprise Account. If SSO has not been enabled, a text box prompting for your logon username appears instead.
Click Log On with Enterprise Account to redirect to the enterprise’s own authentication system.
Note that the username and password here are used to log on to the enterprise’s authentication system and are maintained by the enterprise itself.
Log on to the DMS Enterprise console.
Navigate to Products and Services and search for DMS on the homepage of the console or directly visit the website DMS console to log on to the DMS Enterprise console.
In the left-side navigation pane, choose System Management > User Management. Click Synchronize RAM User Account to add other RAM user accounts that need to use DMS Enterprise to DMS Enterprise.
By performing this operation, you no longer need to manually add enterprise users one by one.
The other user experience after logon is the same as that of a RAM-deactivated Alibaba Cloud account. For more information, see the documents about relevant functions.