Single sign on for windows

Need to set up Single Sign on in Microsoft 2008/2012 environment.  I have installed Host Integration Server 2016 but cannot access any documentation to configure it
Microsoft has proven useless as the continually run me around to people that have no idea why I cannot access the configuration documents. We are trying to setup sso for internet access to our application servers.

Can someone get me started on this issue?
LVL 1
jimmylew52Asked:
Who is Participating?
 
Cliff GaliherCommented:
With such generic language, it is tough to be sure.  But if that is what the developer asked for, it *sounds* like they plan on authenticating against Active Directory directly  And AD had User objects with passwords (yes, encrypted) so you only need to have (or create) these users in AD to meet the current request.  You wouldn't need any other configuration or product.
0
 
Cliff GaliherCommented:
What, specifically, are you trying to accomplish?
0
 
jimmylew52Author Commented:
Allow users outside our network to use single sign on service to assess the application on our server.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Cliff GaliherCommented:
That isn't particularly specific. But usually signing in from outside the network requires a sig- on of some sort, of course. Where "single" comes into play in your scenario is unclear to me though. Usually this would just be a sing on handled by the application. Biztalkdoesn't seem to be the right product for the job unless you left out a ton of detail.
0
 
jimmylew52Author Commented:
Trying to use microsoft's either federation server or Host Integration server.

Sorry for lack of details but this is my introduction to SSO and Microsoft has locked me out of the documents for some reason so I am flying blind.

Our customer uses SSO and wants us to have our web application SSO capable if that helps any.
0
 
Cliff GaliherCommented:
Don't worry about the technical implementation just yet.  Take ideas like BizTalk/HIS, Federation server, etc and set them aside.  Focus on the business problem you are trying to solve. It doesn't sound like you've defined it.

"Single" Sign-On, as the name implies, means that you sign into one thing  and it grants you access to many other things without needing to sign in again.

Example:  I sign into Skype with my Microsoft account, and I can access LinkedIn without needing to sign in again, even though they are separate services.  A "*single* sign on" covered both services.

So, you say your customer wants to have the web application use SSO.  Fine. But that isn't enough information.  What entity is the customer signing into?  And what benefit do they want from "single" sign-on instead of just signing into the app as-is?  You have to know what the customer wants EXPLICITLY so you can choose the right tools for the job.  Right now I'm not seeing that well defined.
0
 
jimmylew52Author Commented:
most of what you are asking is unknown at this time. Maybe I need to make a different request.

I need to now how to get my application to get its credentials from some (ant I can set up) SSO system. The development team is requesting  
entries for the "database we have some active directory entries with uid,password(encrypted) and key" to set up SSO access in the web  application.

Does that help any?
0
 
jimmylew52Author Commented:
So what they are doing has nothing to do with SSO.  OK, I will look into your first comments. SSO is going to be a necessity eventually.

Thanks for the help.
0
 
jimmylew52Author Commented:
Thanks again for the assistance.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.