Return
-
Title
SSO (Single Sign-On) is not working for the Web Portal -
Description
SSO (Single Sign-On) is not working. What are the required steps to configure this? -
Resolution
Single Sign-On is possible for the One Identity (1IM) Web Portal (IT Shop) if the following conditions are met:
1. The configuration parameter TargetSystem\ADS\AuthenticationDomains contains a valid value, e.g. domain.com.
In Designer select Getting Started then Edit configuration parameters:
2. The appropriate Authentication Module, i.e. Active Directory user account (role based), is enabled.
In Designer select Base Data, expand Security settings and select Authentication modules:
3. Anonymous Authentication for the web site is disabled in IIS:
4. The logged in user, e.g. logged in to a Windows system, has a valid ADSAccount and role-based Employee in the 1IM database, e.g.:
5. It may be necessary to update Internet Explorer to use the Automatic logon with current username and password option.
6. It is assumed the 1IM web portal is configured correctly and the appropriate Authentication module is selected in the web.config.
-
Additional Information
Additional issues that arise may be due to Windows authentication with IIS, etc. E.g.: Web Authentication via SSO not working Identity Manager web portal prompting for login, rather than using NTLM