Domains
A Domain is a logical unit that organizes and isolates various Configuration Items (e.g., Users, Accounts, Endpoints, etc.) in UDMG. This separation can be based on organizational structure, geographical regions, or specific responsibilities. Domains are helpful for managing access, security, compliance, and scalability in complex systems.
Configuration separation allows for multiple product instances to be hosted on the same application server and database infrastructure.
Before You Begin
UDMG must have at least one Domain (the Primary Domain), which is created automatically upon installation. After setting up the Primary Domain, you may want to create additional (Secondary) Domains, depending on your organization's needs. For example, you can use different Domains for development and production environments, or for each business unit.
If you need to use multiple Domains, we recommend incorporating them into your configuration plan from the beginning.
The purpose of this document is to give a general overview of Domains, and to explain administrative actions that apply to all Domains. For information specific to Primary and Secondary Domains, see the Primary Domain and Secondary Domains documentation.
If you decide to create multiple Domains, it is important to keep in mind that Domains are semi-independent. Users and Accounts within each Domain (besides System Administrators) are not able to view, and may not even know about, other Domains. If someone needs access to multiple Domains, they must create multiple Users/Accounts.
The server file system and allowable IP/Port combinations are shared across all Domains. Make sure to set the correct Endpoint Root File Paths and IP/Port combinations.
Managing Domains
Branding
Domain Administrators can customize the UDMG Admin UI branding within a Domain. Each Domain can have different branding settings. To edit Domain branding, follow these steps:
- From the Sidebar, click General > Domain.
- Click Banner Customization.
- Click the Edit button above the Banner details.
- Edit details for the Banner, using the Field Descriptions table below as a guide.
- Click Update.
The following table describes the fields you can configure:
| Name | Description | Specifications | Required |
|---|---|---|---|
| Banner Label | The top Banner text is defined as follows: UDMG [Banner Label] - [Domain Name] [System Identifier Label] You can set the Banner Label to customize the text shown before the Domain Name. We recommend setting the Banner Label to the name of your company. | No | |
| System Identifier Label | The top Banner text is defined as follows: UDMG [Banner Label] - [Domain Name] [System Identifier Label] You can set the System Identifier Label to customize the text shown after the Domain Name. We recommend setting the System Identifier Label to the name of your environment (e.g., “Development”). | No | |
| Logo | The image file for your company logo. |
| No |
| Banner Color | The color of the top Banner, chosen via a color picker. | Default value: Blue. | Yes |
LDAP Configuration
Domain Admins can configure an LDAP provider for User and Account authentication in their Domain.
You can only set up one LDAP provider per Domain. If you want to use multiple LDAP providers, you need multiple Domains.
See LDAP Authentication for more information.
SSO Configuration
Domain Admins can configure a Single Sign-On (SSO) provider to enable external authentication for Users within their Domain.
Each Domain supports one active SSO provider at a time. If your organization requires multiple SSO providers (e.g., Okta and Azure AD), you must configure them in separate Domains.
SSO login options appear on the UDMG Admin UI login screen as soon as a provider is configured and enabled. UDMG supports both SAML and OIDC protocols, allowing integration with most major Identity Providers (IdPs).
For setup instructions, see Single Sign-On (SSO).
Deleting Domains
The Primary Domain cannot be deleted. For instructions on deleting Secondary Domains, see Deleting a Secondary Domain.
If a Domain is deleted, all Configuration Items within the Domain, including Users, Accounts, Endpoints, and Pipelines, are deleted. Deletion cannot be undone.