Legacy SSO support leveraging Active Directory Integrated Authentication
Note: Feature not available for Imagicle UCX Cloud suite
Imagicle UCX Suite supports Single Sign On (SSO) authentication to the web interface using the Windows domain user.
Requirements
Edge, Firefox or Chrome web browsers
The UCX Suite server and the client PC must belong to the same Windows Domain
In Active Directory, the user Principal Name must be equal to the ssamAccountName
How enable Single Sign On
Make sure UCX Suite users have both Active Directory Username and the Domain fields populated. You can set them through the Users Management web page and within Synch Rules.
Under Admin ⇒ System Parameters ⇒ User Authentication settings, select "Active Directory/LDAP -> UCX Suite"
To log in trough Single Sign On, users must enter the following link in web browser:
http://<Imagicle_IP>/fw/Autologin.asp
If authentication fails you get redirected to the standard login page. In this case, please check that the server is joint to the right domain, that you can ping the domain controller from the UCX Suite server, and that the above requirements are met.
Note:
By default, web browser identifies a Web site or a share as in the Internet zone, when the URL is an IP address or a FQDN containing periods.
By default, web browser allows autologon only in Local intranet sites.
So, to have SSO working you have three ways:
Connect to UCX Suite using the hostname, like: http://ias/fw/autologin.asp
Connect to UCX Suite using FQDN (ucs.imagicle.com) or IP address, and add it to the Local intranet zone: Tools ⇒ Internet options ⇒ Security ⇒ Local intranet ⇒ Sites ⇒ Advanced ⇒ http://<IP_or_FQDN>/ ⇒ Add
Connect to UCX Suite using any option and change the security level of the Internet zone: Tools ⇒ Internet options ⇒ Security ⇒ Internet ⇒ Custom level ⇒ User Authentication ⇒ Logon ⇒ Automatic logon only in Intranet zone ⇒ Automatic logon with current user name and password