5 Replies Latest reply on Feb 7, 2017 1:38 AM by kwallace

    Configure Single Sign On

    kwallace

      Hi all,

       

      New to the THWACK community and looking for some helpful info on how to configure my Helpdesk for SSO.

       

      Read the how-to guide that Solarwinds provides but looking for this to be expanded a little more to give a little more detail?


      Any help anyone can give

       

      Thanks

        • Re: Configure Single Sign On
          techy4christ

          Single sign on as in ??? signing into WHD?

          • Re: Configure Single Sign On
            kellytice

            There are a couple of ways you can accomplish SSO with WHD (where users go to the web page and get automatically logged in without having to type username/password).  Both require some external work/software:

             

            • Active Directory Federation Services (ADFS) - if you have ADFS set up for your Active Directory environment, you can used the SAML authentication method in WHD to hook into ADFS and use it.
            • Tomcat/HTML headers - you can setup a separate Tomcat server and have it talk to AD for authentication.  There is a way to forward the HTML headers between WHD and Tomcat so that it accomplishes a similar goal.

             

            ADFS is by far the most common way to do it when true SSO is required, but it can take a bit of work to get ADFS set up.

             

             

            If you are just trying to avoid having to give another username and password to your users, a much simpler way exists:   If you configure an LDAP connection in WHD, it can use that to facilitate a pass-through authentication with Active Directory.  In this scenario your users would still type in a username/password or email/password when they go to the WHD demo, but it would be the username/password that they already know from AD.  AD essentially just validates that the username and password are correct and WHD then lets the users in.    This isn't true SSO, though.

            • Re: Configure Single Sign On
              kwallace

              Hi,

               

              Thanks all for your input

               

              Yeah I have it configured for LDAP already but trying to make things a little easier for users where they don't have to log in to the Network and then login to use the SD but rather it just be a Webpage that they opened to log tickets....

              Also it would be handy for our Techs as well to do this.

              How does everyone else use this? Is having SSO configured a common thing?

               

              Thanks all