LDAP integration vs. SSO
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2014 01:06 AM
Hello everyone,
I was wondering what the difference between LDAP integration and a SingleSignOn solution is. Technically the LDAP integration lets you use your same account for different application and services, so what is the difference to SSO? Is it only a single sign on solution when you can somehow have your identity forwarded? So that once logged onto a Windows Domain (for example) you can reuse these credentials?
Would be great if someone could clarify this matter.
Thank you,
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-11-2014 01:49 AM
Hi Sachin,
SSO is any application that can authenticate users and inform ServiceNow that "this user is authenticated".
How SSO authenticates users - separate matter, it can be asking for username + password on some page, verifying token, checking some other parameters.
For example if you configure ADFS and decide to use kerberos authentication, use-case scenario can be the following:
1. User logs into windows machine
2. Navigates to ServiceNow
3. ServiceNow redirects to ADFS
4. ADFS checks kerberos token, redirects back to ServiceNow
5. User is logged into ServiceNow without any prompts for password
If you go with LDAP integration - each time user will go to ServiceNow they will be asked for username+password that they have in AD.
Hope this is helpful.
Kyryl
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-16-2017 07:30 PM
Hi Kyryl
I know this is old. But let me ask you a quick question in regards to your post above...
You say if you go LDAP integration, then each time a user attempts to get to SN, they will be prompted for their LDAP credentials. Is this still the case. I thought you could integrate authentication with LDAP?
Thanks
Darren
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2017 01:21 AM
Hi Darren,
If you are using LDAP for authentication - first time user opens ServiceNow they will be presented with a username/password login screen.
They will need to enter their AD username and password.
They won't be prompted for a username/password again unless their session expires: Manage user sessions
If their session is expired or they open ServiceNow in a different browser - they will be presented with a username/password login screen again.
Hope this helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2014 02:50 AM
Thank you for your answer.
Cheers,
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2015 06:29 AM
Hi All,
How to integrate Service-now with SSO using LDAP Authentication.
Any help will be highly appreciate.
