SSO and windows authentication

SME
Giga Guru

‎08-13-2015 09:01 AM

Hi,

We have enabled multiple provider SSO and done settings in Configuring ADFS 2.0 to Communicate with SAML 2.0 - ServiceNow Wiki this link to do windows authentication.

This is showing the company's login page once to enter AD user name and password. After that it remembers the login credentials and do not show login page after that, it automatically logs in everytime you access SNOW instance.

Is it possible to get rid of the login page even for the first time. I mean when user logs into his desktop/laptop, it takes the login info from there and automatically logs in when he access SNOW instance.

Thanks.

Labels:
0 Helpfuls
  • 9,114 Views
21 REPLIES 21

Ivan Prikhodko
Tera Contributor
In response to tony_barratt

‎06-23-2016 10:23 PM

Hello Tony,




confirm, it is absolutely necessary to change:



[1] urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport



to



[2] urn:federation:authentication:windows



Do you have any idea how to make Mozilla working transparently with SSO?


I even found some add-on for Mozilla - Firefox with Intranet site + automatic logon • mozillaZine Forums


but still can't get a good result even with that add-on installed.



Thank you,


0 Helpfuls

Jeffrey Siegel
Mega Sage
In response to tony_barratt

‎04-14-2022 05:38 AM

For those trying to find this area, i was able to find it in Quebec at:

  1. Multi-Provider SSO (if you have the plugin installed)
  2. Identity Providers
  3. then pick the authentication method that is in use,
  4. then on the advanced tab, left column, AuthnContextClassRef Method adjust the out of the box value of:
    1. urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
      to:
    2.  urn:federation:authentication:windows
  5. then click on Test Connection
  6. once the system validates it can authenticate via this method it will allow you to click activate 
  7. then save/update.
0 Helpfuls