Add a desktop SSO Auth Module
A desktop SSO Auth Module can be used to add a secondary authentication relationship between Access Gateway and a Kerberos instance.
To add a desktop SSO Auth Module:
-
Add an Auth Module as described in Add an Auth Module and select Desktop SSO.
After selecting Desktop SSO, the Add New Auth Module page opens, configured for Kerberos.
An active Kerberos Configuration is required before a Desktop SSO module can be created. See Add Kerberos application for information on adding Kerberos services.
- Enter the following details:
Field Description Example Name Name used to identify the Auth Module Desktop SSO AM Secure LDAP
When checked, use LDAPS instead of LDAP
Defaults to unset
Host URL to LDAP server and port myKerberos.example.com Port
Port for use with Active Directory
389
Bind User
Username used to perform reads and writes
CN=Administrator,CN=Users,DC=someuser,DC=info
Bind User Password
Bind User Password
password
Base
The base DN from which the search is done
CN=Users,DC=domain,DC=tld
User Search Attribute
The filter used to match records returned from the Search DN.
accountname
Attributes DN
Set of attributes returned from Active Directory and sent as SAML attributes to application
cn, mail, name, userPrincipalName
Description
Optional. Enter description
Desktop SSO Auth Module
- Click the Not Validated (
)button when complete. Okta Access Gateway validates the connection.
If the validation is successful, the button changes to Valid (
). - Click Okay.