The Windows-SSO or “Authorization” is the classic version of SSO.
It uses the standard mechanic of authorizing a user login over the usergroup assignment.
To authenticate the user, additionally to username and password, the groups are used.
Their groups will be mapped and matched against the AD groups.
(higher security, less maintenance)
Open Jedox Web and navigate to the “Administration” Tab.
- Select “Groups”
- Add group
In comparison to simple LDAP it is necessary to create groups in a specific way:
- Enter a group name that matches the domain name and the group name of the Active Directory.
- Activate this group with “Active” check mark.
To match the AD group name is mandatory. As prefix, the domain name is mandatory, separated through a backslash
- Select a role that should be used for this group.
- Assign it.
- Save the settings.
- Now you should see the new added group
- After a successful login you should be able to see the new user with the same domain prefix assigned to the AD-group.
- Users will be logged in automatically
- Users will be created automatically
- Groups will be assigned automatically
- If there are several groups which match the AD, the user will be assigned to all matching groups.
Next SSO configuration step: SSO Configuration of a Browser as Jedox Web Client and / or SSO Configuration for Excel Add-in