How to Configure Active Directory Single Sign On

This article explains how to configure Active Directory (AD) Single Sign-On (SSO) functionality with Issuetrak. With this feature enabled, the browser will automatically log in with the current user's Windows credentials.


 

Prerequisites

  • Must have purchased the Identity Management integration (Please see your Account Manager if interested in purchasing).
  • Web Server hosting the Issuetrak site must be joined to your Active Directory domain. (Because of this prerequisite, AD SSO is not available to Cloud customers).
  • Read and Execute permission on the Issuetrak web folder for Domain Users.
  • Additional permissions for several subfolders in the Issuetrak web folder: See KB 1578 for more information on this.

 

Activate the AD Integration in Issuetrak

Steps:

  1. Click the gear icon in the upper right > click on Features beneath System.
  2. Select "Enable authenticating users with third party identity providers" in the Identity Management section.
  3. Select Allow single sign on functionality.
  4. Click Update to save the new settings.

Deactivate the AD Integration in Issuetrak

You may want to deactivate AD integration under certain circumstances, which will preclude the use of all forms of AD authentication with your instance of Issuetrak. 

Steps:

  1. Sign into Issuetrak with a Sys Admin account.
  2. Click the gear icon in the upper right > click on Features beneath System.
  3. Scroll down to Identity Management.
  4. Uncheck the box next to "Enable authenticating users with third party identity providers".
  5. Click Update

 

Configure IIS

Steps:

  1. Open IIS and navigate to your Issuetrak site.
  2. In the middle, double-click Authentication.
  3. Right-click Anonymous Authentication > Disable.
  4. Right-click Windows Authentication > Enable.

 

Configure Web Browser

The steps for Chrome and Chromium Edge below can be done via Group. Once configured, the machine may need a gpupdate in order to pull down the changes.

Chrome / Chromium Edge

Steps:

  1. On the workstation, search for and select Internet Options.
  2. Select Security tab.
  3. Select the zone that corresponds to the Issuetrak site.
    • You may wish to add Issuetrak to your Trusted Sites zone.
  4. Click Custom Level.
  5. Scroll to the bottom.
  6. Under the User Authentication section, select Automatic logon with current user name and password.
  7. Click OK to save the changes.

Firefox

Steps:

  1. Type about:config into the address bar, then press enter.
  2. A warning screen may appear. Click Accept the Risk and Continue.
  3. Type network.auto into the Filter.
  4. Locate network.automatic-ntlm-auth.trusted-uris.
  5. Click the pencil icon.
  6. Type in the URL for the Issuetrak site.
  7. Click the blue checkmark icon to save the changes.