Views:

Windows Integrated Authentication (WIA) allows users to single sign-on to Deep Discovery Director (Consolidated Mode) using the domain credentials they used to sign on to an endpoint.

  1. Log on to a Windows Server installed with AD FS 4.0 or AD FS 5.0.
  2. Go to Start > All Programs > Administrative Tools to open the AD FS management console.
  3. Select AD FS > Service > Authentication Methods in the left navigation, and under the Actions area on the right, click Edit Primary Authentication Methods....
  4. On the Primary tab, under Intranet, ensure that Windows Authentication is enabled.
  5. Click OK.
  6. Log on to your Domain Controller.
  7. Go to Start > All Programs > Administration Tools > Group Policy Management.
  8. Select User Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page.
  9. Double-click Site to Zone Assignment List to configure the settings.
  10. Select Enabled.
  11. Under Options, click Show.
  12. Add the Deep Discovery Director (Consolidated Mode) management console URL as Value name with a Value of 1.
  13. Click OK. The Deep Discovery Director (Consolidated Mode) management console URL is added to the Intranet zone.
  14. Select User Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone.
  15. Double-click Logon options to configure the settings.
  16. Select Enabled.
  17. Under Options, click Automatic logon with current username and password.
  18. Click OK. This enables web browsers to automatically log on to the Deep Discovery Director (Consolidated Mode) management console with their current user name and password.
  19. Deploy the updated group policy to your endpoints.
    Note:

    If group policy deployment is blocked by the Windows Firewall, add an inbound rule to allow the deployment, and execute gpudate /force in an administrator command prompt on your endpoints to force endpoints to accept the new firewall policy.

    Users who signed on to their endpoint using their domain credentials should now be able to single-sign on to Deep Discovery Director (Consolidated Mode).
Parent topic: Configuring Active Directory Federation Services