Following steps will illustrate how to configure Single-Sign-On (SSO) for Internet Information Server (IIS) 8.0 and CA Service Desk Manager (CA SDM) r12.9 / 14.1 /17.x
1. In order to enable SSO IIS within CA SDM, the following modification needs to be done at the CA SDM Access Type level.
- Log into CA SDM as an Administrator and navigate to ADMINISTRATION -> SECURITY AND ROLE MANAGEMENT -> ACCESS TYPES
- Select the ADMINISTRATION ACCESS TYPE - the Administration Access Type Detail screen will appear
- Modify the "Allow External Authentication" option to YES. If you require any other CA SDM Access type (i.e. Employee) to have SSO, you will need to make the same change to its Access Type configuration as shown in Figure 1.
2. Proceed to make the necessary modifications to the IIS 8.0 web server.
- IIS 8.0 has been installed on the server where CA SDM is installed (please refer to Article for instructions on how to install and configure IIS 8.0)
- CA SDM has been successfully configured to use IIS 8.0
1. Open the IIS Manager from the Administrative Tools menu as shown in Figure 2.
2. In the left hand pane, expand the HOSTNAME NODE
, where "hostname" is the name of the Windows 2012 server. Expand the SITES
node. Expand the DEFAULT WEB SITE
node. Click on the CAisd
node to display the CAisd Home Page as shown in Figure 3.
3. Double click on AUTHENTICATION
to display the Authentication settings as shown in Figure 4.
4. Ensure that the ANONYMOUS AUTHENTICATION
option is set to DISABLED
and the WINDOWS AUTHENTICATION
option is set to ENABLED
as shown in Figure 5.
5. Click on DEFAULT WEB SITE
. Double click on AUTHENTICATION
to display the Authentication settings.
6. Ensure that WINDOWS AUTHENTICATION
is set to ENABLED
as shown in Figure 6. (See Additional Information if you do not see Windows Authentication here)
7. Click on the HOSTNAME NODE
, right-click and select STOP
and then START
to restart IIS to apply the changes as shown in Figure 7.
8. Launch the CA SDM web interface and login using an access type configured for SSO in Step #1 above.