Configuring SSO for WCC and EEM is simple. However, our documents are not clear on what is required. With this document, we outline the requirements and steps to accomplish this.
All Supported Releases of AutoSys WebUI/WCC
To configure WCC with SSO
1. Ensure EEM is configured with the AD that has the domain users
Configuring EEM with NTLM
Do the following before you configure NTLM authentication:
2. Enable SSO (NTLM) from WCC Configuration tab
To enable SSO (NTLM) set Single Sign-On to NTLM with the Configuration Preferences under the Configuration tab and click on Save.
The Single Sign-On category contains the following fields:
Indicates whether single sign-on using NTLM authentication protocol or integration with CA Siteminder is enabled. CA WCC uses NTLM protocol or CA Siteminder to authenticate your session when single sign-on is active. To disable single sign-on, select None. If you disable single sign-on, CA WCC requires you to authenticate your session by entering login credentials.
Default: Not selected
Indicates whether to force NTLM authentication when the browser is Kerberos capable. When this check box is selected and single sign-on is active, CA WCC overrides Kerberos protocol and uses NTLM protocol to authenticate your session. If you disable this option, CA WCC requires you to authenticate sessions that you open on Kerberos compatible browsers by entering your login credentials.
Now when you log out of WCC and go back to the Login Screen, the link option, “Log in automatically using Windows credentials” will be available. WCC with SSO (NTLM) is now enabled.
Configuring WCC with NTLM / SSO
You can use NTLM protocol to configure single sign-on capability. CA WCC does not support Kerberos authentication protocol but compatibility with Kerberos can be enabled by selecting the Force Kerberos compatibility checkbox. If you do not enable NTLM, CA WCC requires you to authenticate your session by entering login credentials.