Configure Agentless Desktop SSO - new implementations

Note: The steps in this topic apply to orgs that implement the Generally Available (GA) version of this feature as released in the 2019.09.0 release. That is, you implement this feature after September 1, 2019. If you implemented the Early Access (EA) version of this feature for the first time before September 1, 2019, refer to the instructions in Configure Agentless Desktop SSO .

Desktop SSO (DSSO) is the functionality that allows users to be automatically authenticated by Okta, and any apps accessed through Okta, whenever they sign-in to your Windows network. It provides a superior user-experience as users don’t have to sign in multiple times.

Traditionally, enabling Desktop SSO required deploying IWA agents. Agentless desktop SSO eliminates the need to deploy IWA agents across Active DirectoryActive Directory (AD) is a directory service that Microsoft developed for the Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. domains to enable DSSO. This enables you to have no maintenance overhead and also removes the burden of worrying about High Availability as Okta handles the KerberosKerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. validation. ClosedDiagram


Procedures that may apply to your environment