Is there a way to add multiple accepted domains for SSO? The client hosting ignition is in a domain with a trust relationship with two other domains. I want users from the two trusted domains to be able to use SSO when firing up ignition. So far, the only option I can see is to re-create the user names in the domain that the client is in and use a third party tool to sync the passwords from the two trusted domains.
Hi @kwj -
Which version of Ignition are you using and what is your SSO strategy? Are you using an AD user source? If so, you could create two AD user sources with one having a soft failover to the other. In that case, when a user tries to login, if the login does not succeed against the primary user source, then the credentials are tried against the secondary user source.
1 Like
Using 7.9. We are migrating to thin clients RDP’ing to sessions on windows server. So users would login to the RDP session and ignition starts via group policy script that fires up the client launcher (I think…still planning this yet)
Hi @kwj -
I see. In that case, try out the soft-failover method I mentioned above. I believe that should work for you.
Thank you very much, that sounds like it will work and is way better than re-creating accounts and syncing passwords.
1 Like