Product Documentation

Configuring Single Sign-On with Windows

Feb 05, 2014

Users open a connection by starting the NetScaler Gateway Plug-in from the desktop. You can specify that the NetScaler Gateway Plug-in start automatically when the user logs on to Windows by enabling single sign-on. When you configure single sign-on, users’ Windows logon credentials are passed to NetScaler Gateway for authentication. Enabling single sign-on for the NetScaler Gateway Plug-in facilitates operations on the user device, such as installation scripts and automatic drive mapping.

Enable single sign-on only if user devices are logging on to your organization’s domain. If single sign-on is enabled and a user connects from a device that is not on your domain, the user is prompted to log on.

You configure single sign-on with Windows either globally or by using a session profile that is attached to a session policy.

To configure single sign-on with Windows globally

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Global Settings.
  2. In the details pane, under Settings, click Change global settings.
  3. On the Client Experience tab, click Single Sign-on with Windows and then click OK.

To configure single sign-on with Windows by using a session policy

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > Policies and then click Session.
  2. In the details pane, click Add.
  3. In Name, type a name for the policy.
  4. Next to Request Profile, click New.
  5. In Name, type a name for the profile.
  6. On the Client Experience tab, next to Single Sign-On with Windows, click Override Global, click Single Sign-on with Windows and then click OK.
  7. In the Create Session Policy dialog box, next to Named Expressions, select General, select True value, click Add Expression, click Create and then click Close.