NTLM Single Sign-On Support

FileCloud supports NTLM for User Login through SSO.

Prerequisites

For NTLM SSO to work, the FileCloud Server must be connected to the AD domain.

Web Server Settings

1. Ensure the file "mod_authn_ntlm.so" exists in the c:\xampp\apache\modules folder

2. Edit the Webserver configuration file at c:\xampp\apache\conf\httpd.conf and add the following section.

   
   

   <Location /auth >

       #AllowOverride None

       AuthName "Private location"

       AuthType SSPI

       NTLMAuth On

       NTLMAuthoritative On

       <RequireAll>

           <RequireAny>

               Require valid-user

               #require sspi-user EMEA\group_name

           </RequireAny>

           <RequireNone>

               Require user "ANONYMOUS LOGON"

               Require user "NT-AUTORITÄT\ANONYMOUS-ANMELDUNG"

           </RequireNone>

       </RequireAll>

       # use this to add the authenticated username to you header

       # so any backend system can fetch the current user

       # rewrite_module needs to be loaded then

       RewriteEngine On

       RewriteCond %{LA-U:REMOTE_USER} (.+)

       RewriteRule . - [E=RU:%1]

       RequestHeader set X_ISRW_PROXY_AUTH_USER %{RU}e

     </Location>

3. Ensure the module is loaded by ensuring the following line is enabled and not disabled.
   

   LoadModule auth_ntlm_module modules/mod_authn_ntlm.so

4. Ensure you have the "auth" folder available at WWWROOT
5. Restart Webserver
6. In your browser open http://<HOSTNAME>/auth URL, it will automatically login if everything works correctly. Make sure in your browser SSO has been enabled for the site.

Browser Settings to Enable Domain User SSO Login

For Internet Explorer and Google Chrome

1. Add the site URL to trusted site
2. In the settings for trusted sites, enable User login to be sent, see screenshot below