Jump to content


Sign in to follow this  
AdinE

SCAC 2012 SP1 in a LAB – Configuration (Part A – Enable Single Sign-On)

Recommended Posts

Enable Single Sign-On How to Enable Single Sign-On for App Controller

By default, App Controller is enabled to prompt users to sign in by entering their Active Directory user name and password. The following procedures describe how to configure App Controller to use the user’s current Windows credentials to automatically sign on.

 

To verify or change the authentication method

Open IIS manager on the App Controller server.

Single Sign On 01.png

 

Select the App Controller website.

Single Sign On 02.png

 

Expand the website and select the /api node.

Single Sign On 03.png

 

Click Authentication.

Single Sign On 04.png

 

Enable Windows Integrated Authentication.

Single Sign On 05.png

 

Disable Basic Authentication.

Single Sign On 06.png

 

 

To turn on constrained delegation

Log on using an account that has OU Administrator privileges in Active Directory Domain Services. Ensure that this account is also granted the SeEnableDelegationPrivilege user right (for example, a domain administrator could run the command ntrights -u domain\user +r SeEnableDelegationPrivilege on a domain controller, where domain/user represent the domain and account name for the account).

 

In Active Directory Users and Computers, right-click the App Controller system and click Properties.

AppC Constrained Delegation 01.png

 

Click the Delegation tab.

AppC Constrained Delegation 02.png

 

Select the Trust this computer for delegation to specified services only option.

AppC Constrained Delegation 03.png

 

Select the Use any authentication protocol option.

AppC Constrained Delegation 04.png

 

Click Add and then do one of the following:

a. If the VMM management server is running under the Local System account, enter the name of the VMM management server and select HOST, and then click OK.

b. If the VMM management server is running under a domain account, enter the name of domain account and select SCVMM, and then click OK.

AppC Constrained Delegation 05.png

AppC Constrained Delegation 06.png

AppC Constrained Delegation 07.png

 

Restart the App Controller management server.

Share this post


Link to post
Share on other sites


Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...