{"id":20404,"date":"2022-03-25T13:45:54","date_gmt":"2022-03-25T12:45:54","guid":{"rendered":"https:\/\/help.openbee.com\/open-bee-portal\/administrators-guide\/single-sign-on-in-an-active-directory-environment\/"},"modified":"2024-06-06T11:34:44","modified_gmt":"2024-06-06T09:34:44","slug":"single-sign-on-in-an-active-directory-environment","status":"publish","type":"page","link":"https:\/\/help.openbee.com\/en\/open-bee-portal\/administrators-guide\/single-sign-on-in-an-active-directory-environment\/","title":{"rendered":"Single Sign On in an Active Directory Environment"},"content":{"rendered":"<div id=\"main-content\" class=\"wiki-content group\">\n<p>With an LDAP directory, this feature allows a user to access the Open Bee\u2122 Portal without entering their password as long as they are logged in to their Windows 7 session.<\/p>\n<p>With an Azure AD directory, SSO only works if the user is previously logged into a website with their Microsoft Azure AD account in the same web browser.<\/p>\n<p>This part is about SSO with an LDAP directory:<\/p>\n<style type=\"text\/css\"><![CDATA[\/*<![CDATA[*\/ div.rbtoc1648215955367 {padding: 0px;} div.rbtoc1648215955367 ul {list-style: disc;margin-left: 0px;} div.rbtoc1648215955367 li {margin-left: 0px;padding-left: 0px;} \/*]]]]><![CDATA[>*\/]]><\/style>\n<div class=\"toc-macro rbtoc1648215955367\">\n<ul class=\"toc-indentation\">\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-Pr%C3%A9requispouruneconnexionSSO%C3%A0true\">Prerequisites for an SSO login to Open Bee\u2122 Portal<\/a><\/li>\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-ConfigurerlesnavigateurspourleSSO\">Configure browsers for SSO<\/a>\n<ul class=\"toc-indentation\">\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-InternetExplorer\">Internet Explorer<\/a><\/li>\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-FireFox\">FireFox<\/a><\/li>\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-Chrome\">Chrome <\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#SingleSignOndansunenvironnementActiveDirectory-Probl%C3%A8mesfr%C3%A9quents\">Common Problems<\/a><\/li>\n<\/ul>\n<\/div>\n<h1 id=\"SingleSignOndansunenvironnementActiveDirectory-Pr\u00e9requispouruneconnexionSSO\u00e0true\">Prerequisites for an SSO login to Open Bee\u2122 Portal<\/h1>\n<ul>\n<li>Installing an &#8220;On Premise&#8221; Windows server<\/li>\n<li>The server is part of an Active Directory domain.<\/li>\n<li>The user is imported from the Active Directory LDAP<\/li>\n<li>Users are logged into the domain, on their Windows workstation<\/li>\n<li>The user&#8217;s browser has been configured as described below<\/li>\n<li>SSO is enabled in <a href=\"173113675.html\">the general configuration<\/a><\/li>\n<\/ul>\n<h1 id=\"SingleSignOndansunenvironnementActiveDirectory-ConfigurerlesnavigateurspourleSSO\">Configure browsers for SSO<\/h1>\n<h2 id=\"SingleSignOndansunenvironnementActiveDirectory-InternetExplorer\">Internet Explorer<\/h2>\n<p>Make sure that &#8220;<strong>Enable Windows Integrated Authentication<\/strong>&#8221; in Internet Explorer&#8217;s advanced options is checked.<br \/>\nRemember to add the URL to the list of trusted sites on the local intranet under the &#8220;<strong>Security<\/strong>&#8221; tab in the Internet Explorer options.<\/p>\n<h2 id=\"SingleSignOndansunenvironnementActiveDirectory-FireFox\">FireFox<\/h2>\n<p>Type &#8220;<strong>about:config<\/strong>&#8221; in the address bar and confirm.<br \/>\nChange the value &#8220;network.negotiate-auth.delegation.uris&#8221; and add the domain name for which you want to enable automatic sending of information. If the domain name doesn&#8217;t work, enter the name of the server on the domain.<\/p>\n<p><strong>Note<\/strong> : It may also be necessary to change the value \u00e9network.automatic-ntlm-auth.trusted-uris\u00e9 and add the string https:\/\/ <a rel=\"nofollow\">,http:\/\/.<\/a><\/p>\n<h2 id=\"SingleSignOndansunenvironnementActiveDirectory-Chrome\">Chrome<\/h2>\n<p><a class=\"external-link\" href=\"http:\/\/www.specopssoft.com\/configuring-chrome-and-firefox-for-windows-integrated-authentication\/\" rel=\"nofollow\">http:\/\/www.specopssoft.com\/configuring-chrome-and-firefox-for-windows-integrated-authentication\/<\/a><\/p>\n<p>There are two ways to set up Chrome:<\/p>\n<p>Option 1: see paragraph &#8221; <em><strong>To modify the registry to configure Google Chrome <\/strong><\/em>&#8221;<\/p>\n<p>Option 2: see paragraph &#8221; <strong><em>To use the command line to configure Google Chrome <\/em><\/strong>&#8221;<\/p>\n<h1 id=\"SingleSignOndansunenvironnementActiveDirectory-Probl\u00e8mesfr\u00e9quents\">Common Problems<\/h1>\n<p>On Windows Vista or Seven:<\/p>\n<ul>\n<li>The browser returns an Internal Server Error<\/li>\n<li>Add a value to the registry: HKEY_LOCAL_MACHINE\/SYSTEM\/CurrentControlSet\/Control\/Lsa<\/li>\n<li>Add a new DWORD value<\/li>\n<li>Name it &#8220;LmCompatibilityLevel&#8221; and set it to &#8220;1&#8221;<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>With an LDAP directory, this feature allows a user to access the Open Bee\u2122 Portal without entering their password as long as they are logged in to their Windows 7 session. With an Azure AD directory, SSO only works if the user is previously logged into a website with their Microsoft Azure AD account in [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":20157,"menu_order":13,"comment_status":"closed","ping_status":"closed","template":"templates\/ob-help-products.php","meta":{"footnotes":""},"class_list":["post-20404","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/pages\/20404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/comments?post=20404"}],"version-history":[{"count":8,"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/pages\/20404\/revisions"}],"predecessor-version":[{"id":22408,"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/pages\/20404\/revisions\/22408"}],"up":[{"embeddable":true,"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/pages\/20157"}],"wp:attachment":[{"href":"https:\/\/help.openbee.com\/en\/wp-json\/wp\/v2\/media?parent=20404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}