SSO and Windows authentication


Hi,

We have enabled multi-provider SSO and applied the settings from this link, "Configuring ADFS 2.0 to Communicate with SAML 2.0 - ServiceNow Wiki", to do Windows authentication.

This shows the company's login page once, to enter the AD user name and password. After that it remembers the login credentials and does not show the login page again; it automatically logs in every time you access the SNOW instance.

Is it possible to get rid of the login page even for the first time? I mean, when a user logs into his desktop/laptop, it takes the login info from there and automatically logs in when he accesses the SNOW instance.

Thanks.

21 REPLIES

Hi Mansi,



If ADFS is configured for Windows Authentication internally, you should be able to have the users automatically logged into your ServiceNow instance if they use IE. In IE, if the URL for your ADFS site is configured to be in the Local Intranet zone, and the security configuration for 'User Authentication'\Logon is configured as 'Automatic logon only in Intranet zone' or 'Automatic logon with current user name and password' for the Local Intranet zone, the user should be automatically logged into ADFS when ServiceNow redirects them to ADFS for authentication.



The IE configuration can be deployed using Group Policy.



We currently have this setup and working for our instance.




David
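
One way to check on a workstation the two IE settings this reply describes (an added example, not part of the thread). `adfs.example.com` is a placeholder host name, and the script reads only the Group Policy site list and the `1A00` logon value for zone 1 (Local Intranet):

```powershell
# Added example: audit the IE settings described above on one workstation.
# ASSUMPTION: adfs.example.com is a placeholder for your ADFS service host name.
$AdfsHost = 'adfs.example.com'

$Policy = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
$Prefs  = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

# Data values of setting 1A00 (User Authentication\Logon) in a zone key.
$LogonModes = @{
    0x00000 = 'Automatic logon with current user name and password'
    0x10000 = 'Prompt for user name and password'
    0x20000 = 'Automatic logon only in Intranet zone'
    0x30000 = 'Anonymous logon'
}

# 1. Site to Zone Assignment List (Group Policy): value name = site, data = zone.
#    Zone 1 is Local Intranet. Wildcard entries (*.example.com) are only listed
#    if they contain the exact host name, so review those by hand.
$assignments = foreach ($hive in 'HKLM:', 'HKCU:') {
    $key = Get-Item -Path "$hive\$Policy\ZoneMapKey" -ErrorAction SilentlyContinue
    if ($key) {
        foreach ($name in $key.GetValueNames()) {
            if ($name -like "*$AdfsHost*") {
                [pscustomobject]@{ Hive = $hive; Site = $name; Zone = $key.GetValue($name) }
            }
        }
    }
}
if ($assignments) { $assignments | Format-Table -AutoSize }
else { Write-Warning "$AdfsHost is not in the policy Site to Zone Assignment List." }

# 2. Logon setting for zone 1. Policy keys override the user's own preference,
#    so report the first location that defines 1A00.
$zoneKeys = "HKLM:\$Policy\Zones\1", "HKCU:\$Policy\Zones\1", "HKCU:\$Prefs\Zones\1"
$found = $false
foreach ($path in $zoneKeys) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if ($key -and $key.GetValueNames() -contains '1A00') {
        $mode  = [int]$key.GetValue('1A00')
        $label = if ($LogonModes.ContainsKey($mode)) { $LogonModes[$mode] } else { 'Unknown' }
        '{0}: 1A00 = 0x{1:X5} ({2})' -f $path, $mode, $label
        $found = $true
        break
    }
}
if (-not $found) { Write-Warning 'No 1A00 value found for the Local Intranet zone.' }
```

A zone value of 1 for the ADFS site together with a `1A00` value of 0x00000 or 0x20000 matches the configuration described above; 0x10000 means IE will prompt.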


So, in your environment users do not have to enter login credentials even once?


If they use IE and are on our internal network they are not prompted at all. They are automatically signed into ServiceNow with the account they are signed into their workstation with.


Hey David,



We have these settings in place. But it still prompts the user to enter login credentials once. After you enter them once, each time you access again or log out and log in... it logs in automatically and you do not need to enter login credentials.



We are not able to remove that first-time login... :(


Hi,



We finally got the SSO working without even entering the username and pwd once for the first-time login. We had to do some network changes in the AD infrastructure.



We have two DNS servers... External and Internal... ServiceNow redirects to the external ADFS server, which was not redirecting to the internal ADFS server. Hence, we had to enter username and password once. But now external redirects to internal and no username and pwd are required. So, once an employee logs in to his system/machine... he can access the SNOW URL without entering any username and password.