Help

Single Sign-On when already using LDAP

kentmj
New Contributor III

Posted on ‎03-01-2018 08:20 AM

Just wondering if there is any benefit to setting up SSO if we are already using LDAP with Active Directory and it has been working fine for years. Any additional functionality? Thanks.

0 Kudos
3 REPLIES 3

RogerH
Contributor II

Posted on ‎03-01-2018 11:32 AM

My Understanding is no there really is no benefit. I believe you get more functionality from LDAP integration than SSO

0 Kudos

dmangan
New Contributor

Posted on ‎03-01-2018 05:04 PM

We opted to set up SSO via SAML so that users would have to authenticate using an MFA code in addition to their password.

0 Kudos

mschroder
Valued Contributor

Posted on ‎03-02-2018 08:00 AM

In my eyes it is a huge benefit that users see the organisations login page instead of yet another login page. No need for the user to wonder whether that YALP is trustworthy or not. Each additional login page increases the risk that the user gives his credentials to any site that asks for it.

And I love to just use my kerberos token to authenticate instead of having to type username and password.

Now if JAMF would accept SSO with certificates that would be really nice for the users that don't have a kerberos token at hand.