SSO and windows authentication

SME
Giga Guru

‎08-13-2015 09:01 AM

Hi,

We have enabled multiple provider SSO and done settings in Configuring ADFS 2.0 to Communicate with SAML 2.0 - ServiceNow Wiki this link to do windows authentication.

This is showing the company's login page once to enter AD user name and password. After that it remembers the login credentials and do not show login page after that, it automatically logs in everytime you access SNOW instance.

Is it possible to get rid of the login page even for the first time. I mean when user logs into his desktop/laptop, it takes the login info from there and automatically logs in when he access SNOW instance.

Thanks.

Labels:
0 Helpfuls
  • 9,113 Views
21 REPLIES 21

bernard6
Mega Expert
In response to tony_barratt

‎04-27-2016 04:19 AM

Hi Tony,



Thanks for the link.   I've run into that issue before because of EAP.   To work around that issue without turning off EAP you can add an entry in the hosts file on your workstation to point the IDP URL to it's external address because typically externally it is configured for forms authentication.



I've been able to successfully debug ADFS in the past using this workaround.



Thanks,
David Bernard


Ivan Prikhodko
Tera Contributor
In response to bernard6

‎06-10-2016 12:07 AM

Hi David,




thank you very much for your advise, finally I had a chance to try it on another instance. As a result I can now login in into the SNOW instance using domain authentication in IE and Opera. But I still getting username/password dialog window from my AD FS server using Chrome and Mozilla.



Do you know about any tips and tricks available to make those two browsers being able to leverage Windows authentication too ?



Cheers!


0 Helpfuls

bernard6
Mega Expert
In response to Ivan Prikhodko

‎06-13-2016 11:15 AM

Hi Ivan,



Turning off the EAP features in IIS on the ADFS servers is the only configuration i'm aware of to enable Windows Authentication to work in other browsers.



Thanks,
David Bernard


Ivan Prikhodko
Tera Contributor
In response to bernard6

‎06-23-2016 10:10 PM

Hi David,



indeed it is working for Chrome, Opera, but not for Mozilla unfortunately.


Any way appreciate your help.



To ALL:


If anybody manage to get SSO in Mozilla works, I would much appreciate any help or advise.


0 Helpfuls

tony_barratt
ServiceNow Employee
ServiceNow Employee
In response to bernard6

‎08-20-2015 10:15 AM

Hi David,



Thanks for sharing your set up and positive experience - especially the browser settings.


I think that in addition to ADFS itself being configured   appropriately for Windows Authentication, you might also have to tweak the SAML config on the ServiceNow re "Windows-based authentication." - as per my update Aug 16 above.



Best Regards



Tony







0 Helpfuls