Following steps will illustrate how to configure Single-Sign-On (SSO) for Internet Information Server (IIS) 8.0 and CA Service Desk Manager (CA SDM) r12.9/14.1/17.x
1. In order to enable SSO IIS within CA SDM, the following modification needs to be done at the CA SDM Access Type level.
2. Proceed to make the necessary modifications to the IIS 8.0 web server.
- Log into CA SDM as an Administrator and navigate to ADMINISTRATION -> SECURITY AND ROLE MANAGEMENT -> ACCESS TYPES
- Select the ADMINISTRATION ACCESS TYPE - the Administration Access Type Detail screen will appear
- Modify the "Allow External Authentication" option to YES. If you require any other CA SDM Access type (i.e. Employee) to have SSO, you will need to make the same change to its Access Type configuration as shown in Figure 1.
- IIS 8.0 has been installed on the server where CA SDM is installed (please refer to KB000048654 for instructions on how to install and configure IIS 8.0)
- CA SDM has been successfully configured to use IIS 8.0
1. Open the IIS Manager from the Administrative Tools menu as shown in Figure 2.
2. In the left hand pane, expand the HOSTNAME NODE, where "hostname" is the name of the Windows 2012 server. Expand the SITES node. Expand the DEFAULT WEB SITE node. Click on the CAisd node to display the CAisd Home Page as shown in Figure 3.
3. Double click on AUTHENTICATION to display the Authentication settings as shown in Figure 4.
4. Ensure that the ANONYMOUS AUTHENTICATION option is set to DISABLED and the WINDOWS AUTHENTICATION option is set to ENABLED as shown in Figure 5.
5. Click on DEFAULT WEB SITE. Double click on AUTHENTICATION to display the Authentication settings.
6. Ensure that WINDOWS AUTHENTICATION is set to ENABLED as shown in Figure 6.
7. Click on the HOSTNAME NODE, right-click and select STOP and then START to restart IIS to apply the changes as shown in Figure 7.
8. Launch the CA SDM web interface and login using an access type configured for SSO in Step #1 above.