Single Sign On (SSO) works for some CA Service Desk Manager (CA SDM) users, but does not for others

book

Article ID: 38611

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager CA Service Desk Manager

Issue/Introduction

After enabling Single Sign-On (SSO) within CA Service Desk Manager (CA SDM), whether through Tomcat (WAFFLE), IIS (IWA) or a different NTLM solution, SSO works for some CA Service Desk users, but for others it does not. It also happens for other CA Service Management solutions e.g. XFlow and CA Unified Self-Service.

Cause

There are two probable causes for this:
  1. Single Sign-On is disabled on the browser level for some users;
  2. The user does not have the right policy on the CA SDM server for SSO to work.

Environment

CA Service Management 17.1

Resolution

Check if the web browser has SSO enabled by checking the web browser security settings: As Chrome uses the Internet Explorer settings, checking Internet Explorer will ensure it is enabled for both Chrome and Internet Explorer.
 

To check if SSO is enabled in IE, check IE's Security Settings to ensure that the CA Service Desk is added to the Trusted Site list and that the Trusted Site’s security settings allow for “Automatic logon with current user name and password.”

 





Check the Group Policy on the CA Service Desk server. The User requires the “Access this computer from the network” permissions. This is noted in the Windows NT Challenge/Response section on Microsoft KB 264921.

Attachments