Customers
User information
 Loading ...
Show article in Knowledge Base

 SSO with Kerberos Export knowledge base Export     SubscribeSubscribe      Show article info

For Single Sign On (SSO) in a Windows network environment the VisionFlow server needs to be installed on a Windows server machine and it uses SPNEGO/Kerberos protocol. 

 

The system needs to be able to connect to the Active Dirtectory server (AD) and Kerberos Key Distribution Center (KDC). The KDC runs on each domain controller as part of Active Directory Domain Services (AD DS). You also need to set up a Domain User in the Active Directory for VisionFlow. Please note that the date and time settings on the server must be in synch with the AD server. 

 

 

Also please note that you need to use  userPrincipalName as the username in VisionFlow since this is what Kerberos is sending into VisionFlow during login. For more information about this please see here: http://www.morgantechspace.com/2014/04/samaccountname-vs-userprincipalname.html


User comments
 Loading ...