Add a Desktop SSO Auth Module

An Desktop SSO Auth Module can be used to add a secondary authentication relationship between Access Gateway and a Kerberos instance.

To get started add an Auth Module as described in Add an Auth Module selecting Desktop SSO.

After selecting Desktop SSO the Add New Auth Module page will be displayed, configured for Kerberos.

Info

Note

An active Kerberos Configuration is required before a Desktop SSO module can be created. See Add a Kerberos App for information on adding Kerberos services.

  1. Enter the following details:
    FieldDescriptionExample
    NameName used to identify the Auth Module.Desktop SSO AM

    Secure LDAP

    When checked use LDAPS rather then LDAP

    Defaults to unset

    HostURL to LDAP Server and port.myKerberos.example.com

    Port

    Port for use with Active Directory

    389

    Bind User

    Username used to perform reads and writes.

    CN=Administrator,CN=Users,DC=someuser,DC=info

    Bind User Password

    Bind User Password.

    password

    Base

    The base DN from which to perform the search.

    CN=Users,DC=domain,DC=tld

    User Search Attribute

    The filter used to match records returned from the Search DN.

    accountname

    Attributes DN

    Set of attributes returned from Active Directory and sent as SAML attributes to application

    cn, mail, name, userPrincipalName

    Description

    Optional description

    Desktop SSO Auth Module

  2. Click the Not Validated ()button when complete.
    Okta Access Gateway will validate the connection.
    On success the button will turn green () and show that the connection is valid.
  3. Once complete click Okay to complete the creation of the Auth Module or Cancel to cancel.