Jump to: navigation, search

Prerequisites

Minimum System Requirements

  • Operating System: Microsoft Windows Server 2008/2008 R2
  • Microsoft .NET Framework 4

Windows Identity Framework

This guide provides instructions for setting up the Secure Token Service (STS) on Windows Server 2008 OS or above.

The web server needs to have the Windows Identity Foundation (KB974405) installed for the appropriate windows version/architecture.

SSL Certificate

The web server that is going to host the services must have an HTTPS binding. The certificate used for SSL can also be used for the encryption and signing of the services.

Windows Authentication

To support single sign on, the Windows Authentication role service for the Web Server (IIS) role must be installed. This can be found in the Security section of the role services.

Active Directory Login User Field

Performance DNA will need to be configured with a mapping between users’ Active Directory (AD) accounts and their Performance DNA accounts. This can be defined either as the login ID in Performance DNA for new deployments (which must then match the users’ AD login accounts) or as an additional Performance DNA user field which must then be populated with AD account names for upgrades.

Important
If you are accessing the services through a FQDN, you should ensure that clients see that FQDN as a local intranet site, otherwise windows will not pass the users credentials to the site. These settings may be found in Internet Options and will apply to all supported browsers other than Mozilla Firefox.


To support AD authentication via Firefox, follow the instructions for configuring Firefox to use Kerberos for SSO (https://docs.fedoraproject.org/en-US/Fedora//html/Security_Guide/sect-Security_Guide-Single_Sign_on_SSO-Configuring_Firefox_to_use_Kerberos_for_SSO.html).
This page was last edited on June 12, 2019, at 10:09.
Comments or questions about this documentation? Contact us for support!