5 Replies Latest reply on Feb 7, 2017 1:38 AM by kwallace

    Configure Single Sign On


      Hi all,


      New to the THWACK community and looking for some helpful info on how to configure my Helpdesk for SSO.


      Read the how-to guide that Solarwinds provides but looking for this to be expanded a little more to give a little more detail?

      Any help anyone can give



        • Re: Configure Single Sign On

          Single sign on as in ??? signing into WHD?

          • Re: Configure Single Sign On

            There are a couple of ways you can accomplish SSO with WHD (where users go to the web page and get automatically logged in without having to type username/password).  Both require some external work/software:


            • Active Directory Federation Services (ADFS) - if you have ADFS set up for your Active Directory environment, you can used the SAML authentication method in WHD to hook into ADFS and use it.
            • Tomcat/HTML headers - you can setup a separate Tomcat server and have it talk to AD for authentication.  There is a way to forward the HTML headers between WHD and Tomcat so that it accomplishes a similar goal.


            ADFS is by far the most common way to do it when true SSO is required, but it can take a bit of work to get ADFS set up.



            If you are just trying to avoid having to give another username and password to your users, a much simpler way exists:   If you configure an LDAP connection in WHD, it can use that to facilitate a pass-through authentication with Active Directory.  In this scenario your users would still type in a username/password or email/password when they go to the WHD demo, but it would be the username/password that they already know from AD.  AD essentially just validates that the username and password are correct and WHD then lets the users in.    This isn't true SSO, though.

            • Re: Configure Single Sign On



              Thanks all for your input


              Yeah I have it configured for LDAP already but trying to make things a little easier for users where they don't have to log in to the Network and then login to use the SD but rather it just be a Webpage that they opened to log tickets....

              Also it would be handy for our Techs as well to do this.

              How does everyone else use this? Is having SSO configured a common thing?


              Thanks all