With Trakdesk Single Sign On capabilities, you can use your own applications or server like (Microsoft Active Directory) to authenticate users to your helpdesk without having to enter a separate username and password.
This article describes how to configure SSO for Microsoft Active Directory on Windows server 2008.
Configuring your Windows Server
You need IIS and ASP installed on your Windows server for this to work. Your IIS server has to be part of your domain and have access to your domain controller.
For the IIS Roles Services, install the following;
- Application Development
- Server Side Includes
- Basic Authentication
Once the roles and services has been installed, you then have to configure the authentication of your IIS server. Trakdesk works with the "Basic Authentication".
Note: Make sure to disable Anonymous Authentication or else users will not get prompted to enter their Windows username and password and will lead to a failed login.
Enabling Simple SSO
- Login to your helpdesk as an administrator.
- Go to the Admin Page.
- Select the Security Settings option. Enable Single Sign On and select Simple SSO.
Downloading and configuring the authentication script
- Download the ASP authentication script from this link:https://d2vsckke8ub29r.cloudfront.net/apps/ms_active_directory/trakdesk_ms_active_directory_auth.zip
- Unzip the .zip file and and copy the auth.asp file.
- Create a new folder in your IIS server root and name it "trakdesk". Example; c:\insetpub\wwwroot\trakdesk\
- Place the script into the trakdesk folder.
Once done, open the script in Notepad or any other text editor.
- Configuring a username and password
' Credentials for a domain user for LDAP accessEnter a valid username and password that has READ ONLY access to all user accounts for the LDAP lookup.
sLdapReaderUsername = "Domain\Username"
sLdapReaderPassword = "Password"
- Configuring your SSO secret and helpdesk URL
' Shared secret from the remote authentication pageEnter your SSO Shared Secret and your helpdesk URL. You can find your SSO Shared Secret in Admin -> Security Settings.
sSharedSecret = "YOUR_SHARED_SECRET"
sHelpdeskURL = "YOUR_TRAKDESK_URL/auth/sso"
Helpdesk URL example: https://subdomain.trakdesk.com/auth/sso
Once completed, save the file and execute the script. You can execute the script in your browser.
For example: http://yourserver/trakdesk/auth.asp
If properly configured, your browser will redirect and automatically authenticate you to your helpdesk using your MS Active Directory account.
For debugging, you can call the script with debug=1.
For example: http://yourserver/trakdesk/auth.asp?debug=1
Note: Your IIS server does not need to have access to the internet for this script to work.