Configuring Single Sign-On with Windows
Users open a connection by starting the NetScaler Gateway Plug-in from the desktop. You can specify that the NetScaler Gateway Plug-in start automatically when the user logs on to Windows by enabling single sign-on. When you configure single sign-on, users’ Windows logon credentials are passed to NetScaler Gateway for authentication. Enabling single sign-on for the NetScaler Gateway Plug-in facilitates operations on the user device, such as installation scripts and automatic drive mapping.
Enable single sign-on only if user devices are logging on to your organization’s domain. If single sign-on is enabled and a user connects from a device that is not on your domain, the user is prompted to log on.
You configure single sign-on with Windows either globally or by using a session profile that is attached to a session policy.
To configure single sign-on with Windows globally
- In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Global Settings.
- In the details pane, under Settings, click Change global settings.
- On the Client Experience tab, click Single Sign-on with Windows and then click OK.
To configure single sign-on with Windows by using a session policy
- In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > Policies and then click Session.
- In the details pane, click Add.
- In Name, type a name for the policy.
- Next to Request Profile, click New.
- In Name, type a name for the profile.
- On the Client Experience tab, next to Single Sign-On with Windows, click Override Global, click Single Sign-on with Windows and then click OK.
- In the Create Session Policy dialog box, next to Named Expressions, select General, select True value, click Add Expression, click Create and then click Close.