cancel
Showing results for 
Search instead for 
Did you mean: 

Windows File Access SSO Radius Domain

dawebman_
New Contributor

Windows File Access SSO Radius Domain

Currently we are doing authentication through radius with tokens as the second factor when logging into the SA.

 

Now I am trying to setup web access to Windows File Shares. I would like to make the logon to the Windows File Share as easy as possible for the users. The credentials for the the Windows File Shares are NOT synced with the radius credentials used to logon to the SA.

 

Having said that, in most cases the username is the same, and in a lot of cases people end up using the same password for the Windows FIle Shares and the radius. We are not an AD shop, and not everyone who will logon to the SA has AD credentials, this is my we use radius.

 

I have been playing with the SSO settings. I think what I would like to do is attempt to re-use the username and password from the radius logon and somehow pass the domain name as well. If the credentials fail (since they aren't always the same) I would like to prompt the user for the password and autofill in the domain (since this never changes) and the username since it is usually the same as the radius username.

 

I was hoping I could get some advise on how to do this, or something else that would be as easy for the user as possible.

 

Concerns:

My users are already providing two factors at login to the SA, so I'm trying to limit how many times they need to login.

- Users don't know what their domain is, so if they need to enter this it may prove difficult for them.

 

I appreciate the help...

4 REPLIES 4
jayLaiz_
Super Contributor

Re: Windows File Access SSO Radius Domain

Hi,

 

Since the password is not synced, it is not recommended to do SSO as user's can get failure messages to log on.

 

Under resource policies--->Files--->windows SSO, configure an SSO policy for the file share with action set to

 

 

It will force user to type in the username and password for the file share with domain name populated.

 

Regards,

Jay

SVK_
Regular Contributor

Re: Windows File Access SSO Radius Domain

Hi dawebman,

 

Domain will be populated but the username cannot be populated. Because when we enter the username in the setting and when the password is left blank SSO would be tried  and would fail as the password is a null password..

 

If we know or have something in common for users who have same credential on both radius and windows share. we can configure a detailed rule as to whom this policy needs to be applied to


Regards,

SVK

 

 

dawebman_
New Contributor

Re: Windows File Access SSO Radius Domain

Thanks for the info SVK. How can I have the domain pre-filled in and then prompt the user for the uername/password?

dawebman_
New Contributor

Re: Windows File Access SSO Radius Domain

Just wanted to let everyone know it is possible to try to SSO into a Windows file share with credentials in case they are the same as the primary authentication (Radius) and then prompt  the user if they are not correct : )