Use Trusted Agent Server with Windows Domains
When integrating CSM with multiple domains, you can configure single sign-on user authentication by associating a particular Windows Domain with a Trusted Agent Group or Service.
Before you can use Trusted Agent to authenticate Users through a Windows Domain, you must first configure Trusted Agent. For more information, see Configuring Trusted Agent.
Trusted Agent for Windows Domains does not provide pass-through authentication for Windows users. Users must still supply their user name and password in order for their Windows credentials to be validated using the Trusted Agent.
LDAP directory configuration is not required when using Windows.
To enable Windows Domains for Trusted Agent:
- Verify that CSM is configured for Windows domains:
- In CSM Administrator, select the Security category and then select the Edit security settings task. Select each client page (Desktop Client, Browser Client, etc.) and verify that Windows is selected as a login mode.
- Create or open a Blueprint, and then select Tools > Windows Domains. Specify the domain name of the network.
- On the Windows Domain Settings window, select the Trusted Agents page.
- Select the Use Trusted Agents check box.
If you want to disable Trusted Agent for this Windows domain, clear the Use Trusted Agents check box.
- Select one of these group options:
- Any Trusted Agent Group: Select to allow any group to handle requests for this domain.
- Trusted Agent Group: Select a specific group to handle requests for this domain.
- Select OK.