With the advent of cloud technology, inevitably every organization uses one or the other cloud apps to ease out their business process. Storing the data on the cloud or accessing cloud applications for IT management is common. However, this development does come with a price too. With numerous applications on cloud, employees have to remember different passwords for each of their cloud application or account, which is a daunting task. What if I say, there's a comprehensive solution that offers users the capability to access all of the cloud accounts with a single credential.
Introducing ADSelfService Plus with Single Sign-On (SSO) capability. With this feature, administrators can allow end-users to access all their cloud accounts with their Active Directory or Microsoft Windows credentials and save them from the trouble of having to remember myriad passwords.
This week let me elaborate on the steps to configure SSO for Google Apps.
Configuring Single Sign-On for Google Apps:
Step 1: Configuring ADSelfService Plus
- Login to ADSelfService Plus web console with the administrator credentials.
- Navigate to Configuration --> Self-Service --> Password Synchronizer/ Single Sign-On link.
- Click on the Google Apps link and this will redirect to the configuration page.
- In the Modules drop-down list, select Single Sign-On.
- Enter the Google domain name.
- Select the Self-Service Policies from the drop-down list.
- Click Download SSO certificate button in the top right-hand side of the page.
- In the SSO/SAML details pop-up box that appears, copy the first two fields (Login URL and Logout URL) and click on the Download SSO Certificate link to download the SSO Verification Certificate. (Refer Image)
- Click Save.
Step 2: Configuring Google Apps
- Login to Google Apps with the administrator credentials.
- In the administrator console, select the Security icon.
- In the Security settings page that opens up, navigate to Set up single sign-on (SSO).
- Select SSO with third party identity provider option.
- Paste the values of the two fields that was copied from ADSelfService Plus web-console in step 1 to the the Sign-in page URL and Sign-out page URL fields. (Refer Image)
- Upload the verification certificate.
After this configuration, when users try to access their cloud applications, they will be redirected to the ADSelfService Plus server, which authenticates their accounts with either AD or Windows credentials.The solution also provides an option to access the cloud application from its web-console.