Single Sign On (SSO) works for some CA Service Desk Manager (CA SDM) users, but does not for others


Article ID: 38611


Updated On:


CA Service Management - Service Desk Manager CA Service Desk Manager


After enabling Single Sign-On (SSO) within CA Service Desk Manager (CA SDM), whether through Tomcat (WAFFLE), IIS (IWA) or a different NTLM solution, SSO works for some CA Service Desk users, but for others it does not. It also happens for other CA Service Management solutions e.g. XFlow and CA Unified Self-Service.


There are two probable causes for this:
  1. Single Sign-On is disabled on the browser level for some users;
  2. The user does not have the right policy on the CA SDM server for SSO to work.


CA Service Management 17.1


Check if the web browser has SSO enabled by checking the web browser security settings: As Chrome uses the Internet Explorer settings, checking Internet Explorer will ensure it is enabled for both Chrome and Internet Explorer.

To check if SSO is enabled in IE, check IE's Security Settings to ensure that the CA Service Desk is added to the Trusted Site list and that the Trusted Site’s security settings allow for “Automatic logon with current user name and password.”


Check the Group Policy on the CA Service Desk server. The User requires the “Access this computer from the network” permissions. This is noted in the Windows NT Challenge/Response section on Microsoft KB 264921.