/build/static/layout/Breadcrumb_cap_w.png

Passthrough authentication for servicedesk on K1000?

I'd like to implement passthrough authentication on our K1000 for user servicedesk. I did find a previous article listing that it is not a supported feature dated April 2011. Has this changed at all? Has anyone had success implementing some sort of workaround?
Asked 9 years ago 2181 views
3 Comments   [ + ] Show comments
  • What version of the appliance are you running? - chucksteel 9 years ago
  • Just upgraded to 6.3 this weekend. - Mautobu 9 years ago
    • You should be able to turn on Single Sign On in the security settings. - chucksteel 9 years ago
      • I was under the impression that SSO would just grab user credentials from AD. My goal is to have users bypass the login screen altogether.

        edit: aaaaand looking at the documentation, I am wrong. Cheers! - Mautobu 9 years ago
      • According to this KB article they don't have to enter their credentials again: http://documents.software.dell.com/k1000-systems-management-appliance/6.3/administrator-guide/getting-started-with-the-k1000-systems-management-appliance/configuring-user-accounts-ldap-authentication-and-sso/configuring-single-sign-on-sso/about-user-authentication-for-single-sign-on

        I don't know if that bypasses the screen altogether, however. Have you enabled SSO but you're still seeing the login page? We have not enabled it in our environment but I am curious about how it works. - chucksteel 9 years ago
      • I'll be looking more into it tonight, but from what I read at https://support.software.dell.com/k1000-systems-management-appliance/kb/111863 it appears as though some IE settings need to be changed too, which should be simple enough as our intranet already uses SSO. And yes, it should bypass login if setup correctly. - Mautobu 9 years ago
  • Well that was incredibly simple. Settings > Security Settings > Single Sign On > Active Directory.

    Make sure you have LDAP working already and you're good on the KACE side. As for windows, you'll need a GPO to distribute your K1000 as a trusted server, and allow authentication to be sent over LAN:

    Computer Comfiguration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone > Logon Options > Enable "Automatic logon with current username and password"
    Computer Comfiguration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Site to Zone Assignment List > add your site to zone 1 - Mautobu 9 years ago

Answers (0)

Be the first to answer this question

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ