AD occasionally not working with SSO

Posted on 2009-02-10
Last Modified: 2012-05-06
I have a user that when trying to access a portal application that should pass through his authentication, it just comes up with a sign on screen.  Below are the different  scenarios that we have went through and the outcome. Any ideas?

User A on machine A - credentials are not passed through and user sees sign on screen
User A on machine B - credentials are passed through and does not see sign on screen
User C on machine A - credentials are passed through and does not see sign on screen
Question by:edensandavant
    LVL 15

    Accepted Solution

    Are any of these remote users using credentials cached on a machine not on your network?  If the password in the cached credentials on the local machine don't match the password in AD then the SSO won't work because, well, they don't match.

    Author Comment

    The user is logging into their machine daily and still seeing the sign on screen. How can I tell if the credentials are cached?
    LVL 15

    Expert Comment

    If they can log onto the machine while it's not hooked up to your network, then the credentials are cached.
    LVL 15

    Expert Comment

    That is, if they're using a domain user account.  If they're using a local user account, then it will authenticate against the computer.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    Step by step guide to Clean and Sort your windows registry! Introduction: Always remember: A Clean registry = Better performance = Save your invaluable time In this article we're going to clear our registry manually! Yes, manually! The e…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now