Changes to the single sign-on (SSO) feature in SEDR 4.4.
book
Article ID: 191670
calendar_today
Updated On:
Products
Endpoint Detection and Response
Issue/Introduction
As of Symantec EDR 4.4, changes to the SSO feature require that you to perform actions after migration to continue to use this feature.
Resolution
Identity provider (IdP)
Actions
Norton Secure Login (NSL)
NSL is no longer supported. Upon migration, the SSO link on the EDR appliance console logon page and related settings on the Settings > Data Sharing page no longer appear. To continue using SSO, configure a new identity provider (IdP) (for example, Okta).
IdP other than NSL
If you use an IDP other than NSL for SSO, update your configuration as follows:
In the EDR appliance console on the left navigation pane, click Settings > Data Sharing.
In the Single Sign-On section, click the three vertical dots to reveal edit icons for each of the SSO configuration panels.
Click URLs for Identity Provider.
Copy and paste the Symantec EDR URLs to the appropriate fields in your IdP administration console.
Download the Symantec EDR sso.cert and upload it to your IdP.
Verify that the fields in the other panels are still the proper parameters for your IdP.