Avatar

Anand Lall

Active Directory Integration

Last updated
Available in
  • Starter
  • Professional
  • Business
  • Enterprise

With Trakdesk Single Sign On capabilities, you can use your own applications or server like (Microsoft Active Directory) to authenticate users to your helpdesk without having to enter a separate username and password. 

This article describes how to configure SSO for Microsoft Active Directory on Windows server 2008.

Configuring your Windows Server

You need IIS and ASP installed on your Windows server for this to work. Your IIS server has to be part of your domain and have access to your domain controller.

Image titleFor the IIS Roles Services, install the following;

  • Application Development
  • ASP.NET
  • ASP
  • Server Side Includes
  • Basic Authentication

Image titleOnce the roles and services has been installed, you then have to configure the authentication of your IIS server. Trakdesk works with the "Basic Authentication". 

Image title

Note: Make sure to disable Anonymous Authentication or else users will not get prompted to enter their Windows username and password and will lead to a failed login.

Enabling Simple SSO

  • Login to your helpdesk as an administrator.
  • Go to the Admin Page.
  • Select the Security Settings option. Enable Single Sign On and select Simple SSO.
    Image title

Downloading and configuring the authentication script

Once done, open the script in Notepad or any other text editor. 

  • Configuring a username and password 

    ' Credentials for a domain user for LDAP access
      sLdapReaderUsername = "Domain\Username"
      sLdapReaderPassword = "Password"

    Enter a valid username and password that has READ ONLY access to all user accounts for the LDAP lookup.
  • Configuring your SSO secret and helpdesk URL

    ' Shared secret from the remote authentication page
       sSharedSecret = "YOUR_SHARED_SECRET"
       sHelpdeskURL = "YOUR_TRAKDESK_URL/auth/sso"

    Enter your SSO Shared Secret and your helpdesk URL. You can find your SSO Shared Secret in Admin -> Security Settings.

    Helpdesk URL example: https://subdomain.trakdesk.com/auth/sso

Once completed, save the file and execute the script. You can execute the script in your browser. 

For example: http://yourserver/trakdesk/auth.asp

If properly configured, your browser will redirect and automatically authenticate you to your helpdesk using your MS Active Directory account.

Debugging

For debugging, you can call the script with debug=1. 

For example: http://yourserver/trakdesk/auth.asp?debug=1

DEBUG: TRAKDESK\test - should be of the form DOMAIN\username - if blank, your IIS probably allows anonymous access to this file.
DEBUG: DomainContainer: DC=Trakdesk,DC=com
DEBUG: Full name: Test User
DEBUG: Email: test@trakdesk.com
DEBUG: Redirecting to: https://domain.trakdesk.com/auth/sso?full_name=Test&email=test%40trakdesk%2Ecom&tstp=1465970777&hash=46f0ed5372e1d22d87658f90d4be468d

Note: Your IIS server does not need to have access to the internet for this script to work.

2 of 3 found this helpful

Can you give us your feedback so we can improve this article?

Why you did not find this article helpful?

Have more questions?

Comments(0)

Sign In to post a comment