11 August 2010

UAG File Access Single Signon

So previously I explored the woes of getting File Access to work.

When it comes to publishing file access as an application on your portal it is strangely tricky to get it to use single sign on - or "don't ask me for my credentials again"

I was doing some digging around and found issues that are addressed by Unified access gateway Update 1. Installing this should be your first port of call. 

Then  checking to see that my portal is configured to forward single signon credentials to published applications

In my case adds01 is my active directory servers.

Next up Add a File Access application to the portal.

These should be the default Authentication settings.

Cool. So up to this point everything is pretty standard.  Now we need to change the FileSharing Authentication server.  From Admin - Authentication and Authorisation Servers.

I checked my setting for my active directory and ensure that the Default domain name is specified  - for use with SSO

With this sorted we can proceed to the next step.

I edit the FileSharing server and check the  "Use a different server for portal application authorisation" and then I select my Active Directory server.

When logging onto the portal always use domain\username.

So what is the difference between Authentication and Authorisation?

Authentication is proof that you are who you say you are.
Authorisation is access rights that is granted to that user.

That is how far I got today.

No comments:

Post a Comment