Versions Compared

Version Old Version 1 New Version 2
Changes made by

Patrick Stirnemann

Patrick Stirnemann

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Step 1 - SSO - Authentication level & Method

Add an entry in the Authentication level tab for IWA and add the Authentication method Windows Authentication to it.

...

Navigate to the menu entry SSO, click on Authentication level, then select the Authentication Level you want to add the Integrated Windows Authentication.

In the tab Authentication level Entry add a new entry for Integrated Windows Authentication

One the new entry is created click on it to open the corresponding configuration.

In thetab Authentication method, add a new entry and select Windows Authentication

Step 2 - Target System settings

Enter the Authentication Domain Name to your Active Directory Target System.

...

In the tab system feature activate the function “Authentication provider active”

...

Navigate to the menu entry System Configuration, click on Target Systems, then select the active directory target system you want to add the Integrated Windows Authentication.

Edit the target system in and add/edit the attribute Authentication Domain Name, it should contain the corresponding Domain Name of the target System.

Open the tab System Feature and activate the function Authentication Provider active.

Step 3 - Identity Type settings

Activate the function “Authentication Provider active” for the corresponding Active Directory Identity on the tab “Identity type Features”

...

Navigate to the menu entry Identity Management, click on Identity Types, then select the identity type for whom you want to add the Integrated Windows Authentication.

In the tab Identity Type Features activate the function Authentication Provider active.

Step 4 - Identity Provisioning Configuration

Navigate to the menu entry Identity Management, click on Identity Provisioning Configurations.

Make sure the CoreOne Suite Account and the provisioning configuration where you want to use Integrated Windows Authentication have different Usernames.
For the Active Directory this means the Sam-Account-Name has to be different than the Username of the CoreOne Suite Account.

Sept 4 - IIS Settings

In the IIS Settings navigate to Enable Windows Authentication in IIS for the site wehre where the CoreOne Authentication Service is configured.

In the Authentication pane, select Windows Authentication, and then click Enable in the Actions pane.

...

Further instructions for configuring the IISaccording to this link: https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/

Important

The CoreOne Suite Account and the Identity you wish to enable IWA can not have the same Username.