Add a desktop SSO Auth Module

Add a desktop SSO Auth Module to add a secondary authentication relationship between Access Gateway and a Kerberos instance.

An active Kerberos Configuration must exist before you can create a Desktop SSO module. See Add Kerberos application.

  1. Add an Auth Module and select Desktop SSO.

  2. Enter the following details in the Add New Auth Module dialog:
    FieldDescription
    NameName used to identify the Auth Module.

    Secure LDAP

    If you select this option, use LDAPS.

    HostURL to LDAP server and port (for example, myKerberos.example.com)

    Port

    Port for use with Active Directory (for example, 389)

    Bind User

    Username used to perform reads and writes (for example, CN=Administrator,CN=Users,DC=someuser,DC=info)

    Bind User Password

    Bind User password.

    Base

    The base DN from which the search is done (for example, CN=Users,DC=domain,DC=tld)

    User Search Attribute

    The filter used to match records returned from the Search DN (for example, accountname).

    Attributes DN

    Set of attributes returned from Active Directory and sent as SAML attributes to application (for example, cn, mail, name, userPrincipalName).

    Description

    Optional. Enter description

  3. Click Not Validated. Okta Access Gateway attempts to validate the connection. If successful, the label changes to Valid.
  4. Click Okay.