To use single sign-on, your Active Directory must be Windows Server 2003 or above with a functional level of mixed or native mode.
In addition, the domain that you want to use for identity federation must be a public domain (e.g. it cannot be yourdomain.local) registered with a domain registrar. If you are using an AD domain name that is not a public domain, you will need to add your public domain (e.g. yourdomain.com) as a User Principal Name (UPN) suffix for your AD domain.
To create UPNs, follow these instructions:
On your Domain Controller, navigate to Start -> Administrative Tools and open Active Directory Domains and Trusts.
Right-click Active Directory Domains and Trusts, and then click Properties.
On the UPN Suffixes tab, in the Alternative UPN suffix field, type your public domain (e.g. yourdomain.com) and then click Add.
Once done, click the OK button.
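The same change can be scripted and checked from PowerShell. This is an added example, not part of the original instructions; it assumes the ActiveDirectory module is installed (Windows Server 2008 R2 or later, or RSAT), that you have rights to modify the forest, and it uses the placeholder yourdomain.com from the steps above.

```powershell
# Added example: add a public UPN suffix to the forest and check the result.
# Assumption: ActiveDirectory module is available and the session has
# sufficient rights on the forest (e.g. Enterprise Admins).
Import-Module ActiveDirectory

# Placeholder value taken from the instructions; replace with your public domain.
$PublicSuffix = 'yourdomain.com'

$forest = Get-ADForest

# Only add the suffix if it is not already registered (comparison is case-insensitive).
if ($forest.UPNSuffixes -notcontains $PublicSuffix) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{ Add = $PublicSuffix }
    Write-Host "Added UPN suffix '$PublicSuffix' to forest $($forest.Name)."
}
else {
    Write-Host "UPN suffix '$PublicSuffix' is already present."
}

# Verify: list every alternative UPN suffix now defined on the forest.
(Get-ADForest).UPNSuffixes

# Adding a suffix does not change existing accounts. List the users whose
# UPN does not yet end in the public suffix so they can be reviewed.
Get-ADUser -Filter * -Properties UserPrincipalName |
    Where-Object {
        $_.UserPrincipalName -and
        $_.UserPrincipalName -notlike "*@$PublicSuffix"
    } |
    Select-Object SamAccountName, UserPrincipalName |
    Sort-Object UserPrincipalName
```

Review the forest's suffix list after the change and remove any suffix you do not own, since every suffix listed there can be assigned to accounts.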