5.8.5 Single Sign-on through Windows Authentication

This authentication method, which uses NTLM v2, is not recommended for security reasons.

CAUTION:Customers using Single Sign-on through Windows to authenticate to Host Access Management and Security Server (MSS) are subject to the Netlogon Elevation of Privilege Vulnerability (CVE 2020-1472).

For details, see Knowledge Base article 7024851.

To use Single Sign-on through Windows Authentication:

  1. In Configure Settings - Authentication & Authorization, click Single sign-on through Windows authentication.

  2. Select your authorization method:

    • Allow authenticated users to access all published sessions

    • Use LDAP to restrict access to session

      NOTE: The same server will be used for Windows (Active Directory) authentication and LDAP authorization.

  3. Click +ADD and proceed according to your selected authorization method.

    • If you are not using LDAP, continue with the steps to Configure Windows Single Sign-on (without LDAP) Configure Windows Single Sign-on (without LDAP)

    • If you are using LDAP to restrict access, continue with Use LDAP to restrict access to Single Sign-on sessions.

Related topics