How to Configure Active Directory Single Sign On

This article explains how to configure Active Directory (AD) Single Sign-On (SSO) functionality with Issuetrak. With this feature enabled, the browser will automatically log in with the current user's Windows credentials.


Prerequisites

  • Must have purchased the Active Directory module (Please see your Account Manager if interested in purchasing the module).
  • Web Server hosting the Issuetrak site must be joined to your Active Directory domain.  (Because of this prerequisite, AD SSO is not available to Cloud customers).
  • Read and Execute permission on the Issuetrak web folder for Domain Users.  
  • Additional permissions for several subfolders in the Issuetrak web folder:  See KB 1578 for more information on this. 

Configure Issuetrak

Steps:

  1. Navigate to Administration > System > System Settings, then click Features in the left-hand submenu.
  2. Select the Integrate/Authenticate users with Active Directory in the Identity Management section.
  3. Select Allow single sign on functionality.
  4. Click Update to save the new settings.

Configure IIS

Steps:

  1. Open IIS and navigate to your Issuetrak site.
  2. In the middle, double-click Authentication.
  3. Right-click Anonymous Authentication > Disable.
  4. Right-click Windows Authentication > Enable.

Configure Web Browser

The steps for Internet Explorer below can be done via Group Policies.

The steps below do not mention Chrome, since it will work with SSO based on Internet Explorer's settings, and does not require configuration beyond that to work. 

Internet Explorer

Steps:

  1. Click Tools > Internet Options.
  2. Select Security tab.
  3. Select the zone that corresponds to the Issuetrak site.
    • You may wish to add Issuetrak to your Trusted Sites zone.
  4. Click Custom Level.
  5. Scroll to the bottom. 
  6. Under the User Authentication section, select Automatic logon with current user name and password.
  7. Click OK to save the changes.

Firefox

Steps:

  1. Type about:config into the address bar, then press enter.
  2. A warning screen may appear.  Click Accept the Risk and Continue.
  3. Type network.auto into the Filter.
  4. Locate network.automatic-ntlm-auth.trusted-uris.
  5. Click the pencil icon.
  6. Type in the URL for the Issuetrak site.
  7. Click the blue check mark icon to save the changes.