Single Sign-On is possible for the One Identity (1IM) Web Portal (IT Shop) if the following conditions are met
1. The configuration parameter TargetSystem\ADS\AuthenticationDomains
contains a valid value, e.g. domain.com.
select Getting Started
then Edit configuration parameters:
2. The appropriate Authentication Module, i.e. Active Directory user account (role based)
, is enabled.
select Base Data
, expand Security settings
and select Authentication modules
3. Anonymous Authentication
for the web site is disabled in IIS:
4. The logged in user, e.g. logged in to a Windows system, has a valid ADSAccount and role-based Employee in the 1IM database, e.g.:
5. It may be necessary to update Internet Explorer to use the Automatic logon with current username and password
6. It is assumed the 1IM web portal is configured correctly and the appropriate Authentication module is selected in the web.config.