Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [single-sign-on]

Single Sign On is a technology that allows a single login to be transparently used with multiple applications and environments.

Single Sign On (SSO) is a technology that allows the transparent use of a single username and password in multiple security domains. They're commonly used as part of a greater framework which unites otherwise separate systems into a single virtual login domain. SSO systems may be purely web-based, or client-based.

A variety of technologies can be used to build SSO systems.

347 questions
3
votes
2 answers

Office 365 SSO with different internal and external domain names

I'm trying to get SSO to work with Office 365 and Sharepoint online and I'm getting really confused. My internal domain is "internal.com" and my external name is "external.com". external.com is added as a domain in O365, but internal.com is not.…
blsub6
  • 1,131
  • 6
  • 25
  • 45
3
votes
2 answers

Using Shibboleth with ADFS doesn't work

I'm trying to familiarize myself with Shibboleth 2.5.3 and Active Directory Federation Services (tried both 2.0 and 3.0). What I'd like to achieve is having an Apache server authenticate against ADFS as IdP using Shibboleth as SP. For that reason I…
Julian B
  • 33
  • 1
  • 4
3
votes
1 answer

Why is ADFS not passing credentials through with Integrated Windows Authentiation?

We have an ADFS 2.0 instance set up. We use it for 3rd party web app single sign-on. Everything works beautifully with the existing app, App1 with SAML 2.0, including IWA pass-through when users are redirected to our ADFS server. I just configured a…
Thomas
  • 890
  • 4
  • 18
  • 37
3
votes
2 answers

Office 365 with Azure AD - can I allow SSO for another 3rd party SAML app externally?

I'm shooting a little blind here in that I'm not an Azure expert and don't really mess with it yet beyond O365 and DirSync. We have a 3rd party app written in Ruby on Rails that they are saying is going to have SAML support in the next version and…
TheCleaner
  • 32,627
  • 26
  • 132
  • 191
3
votes
3 answers

ADFS and relying party token-signing certificates

I haven't quite gotten the grasp of relying party token-signing certificate's functionality with ADFS 2.0 / 3.0. Once the automatic self-signed certificate roll-over occurs (by default), there are scenarios where you have to manually deliver the new…
lapingultah
  • 49
  • 1
  • 2
  • 8
3
votes
0 answers

Possible to import Office365 users into local active directory domain?

My company has an office365 setup for all employees. We also have just implemented a domain controller locally which we want to use to authenticate a few things here in the office. The problem is that we want to have a way to use single sign…
pmilb
  • 61
  • 1
  • 6
3
votes
1 answer

problems creating a keytab file on win server

I am trying to create a keytab file. i see a warning WARNING: pType and account type do not match. This might cause problems. The command i use is ktpass -princ HTTP/bloodhound.domain.com@DOMAIN.COM -mapuser ldaplookup@domain.com -crypto…
shorif2000
  • 351
  • 1
  • 8
  • 28
3
votes
2 answers

Linux SSO for multiple windows domains

I have successfully implemented SSO on apache for windows users in the same AD domain that the apache server is in: AD domain = example.com Linux server = linux.example.com KDC = ad.example.com I set the KrbLocalUserMapping to ON in httpd.conf, as…
Nebojsa Zivkovic
  • 75
  • 2
  • 6
3
votes
1 answer

Getting started with active directory and cloud services

I am the 'IT guy' for a company that is rapidly growing and about to reach 100 employees. While my primary job is backend development for our websites and services; I am also tasked with setting up and maintaining PC's for our users. Currently I am…
kzin602
3
votes
1 answer

SSO with Apache and Kerberos issues

I am trying to set up SSO on my Apache web server using Kerberos so that users logged into the local domain are recognised and logged in immediately. I have followed this guide to the letter but I cannot get rid of the user/password prompt once…
tbh1
  • 131
  • 1
  • 1
  • 3
3
votes
6 answers

SFTP server solution with AD Single Sign-on capabilities

I'm designing a windows client application that will retrieve files from an SFTP server. I would like to avoid forcing users to supply credentials on the client application - rather, their Windows credentials would be supplied to the server which…
Scott Ewers
  • 141
  • 1
  • 1
  • 3
3
votes
1 answer

Apache2 + mod_auth_kerb: Key version number for principal in key table is incorrect

I have configured apache2 and mod_auth_kerb. I setted up my .htaccess in such way # cat .htaccess AuthType Kerberos AuthName "Domain login" KrbAuthRealms DOMAIN.COM KrbMethodK5Passwd on Krb5KeyTab /etc/httpd/httpd.keytab require valid-user When I…
petRUShka
  • 293
  • 2
  • 5
  • 16
3
votes
1 answer

Can a user with a disabled account browse Confluence content anonymously?

I'm running Confluence 3.5.13. I've got SSO authentication against our Active Directory forest working using the NTLMv2 plugin from TechTime. Users with an active account in Confluence are logged in automatically, and users with no account can…
Andrew Cooper
  • 216
  • 2
  • 6
3
votes
2 answers

SSSD Authentication

I just built a test server running OpenSuSE 12.1 and am trying to learn how configure sssd, but am not sure where to begin to look for why my config cannot allow me to authenticate. server:/etc/sssd # cat sssd.conf [sssd] config_file_version =…
Michael Moser
  • 219
  • 2
  • 4
  • 16
3
votes
2 answers

What is the term for single source authentication that is not Single Sign-On?

I've been using the term "Single Source" for authentication schemes that use a single authentication source (e.g. a single LDAP service) but are not Single Sign-on. i.e. You have to log on more than once, but you are using the same credentials. Is…
JDS
  • 2,598
  • 4
  • 30
  • 49
1 2 3
23 24