ADManager Plus offers a built-in option to configure Active-Directory-based SSO to access or log in to it. This SSO option supports both NTLMv2- and SAML-based authentication.

Steps to configure SSO to log in to ADManager Plus

1. Click the Delegation tab.
2. Go to Configuration and select Logon Settings.
3. On the Logon Settings page, click the Single Sign-On tab.
4. Select the Enable Single Sign-On with Active Directory option.
5. Based on your needs, select NTMLv2 or SAML authentication.
   • NTML Authentication

     ADManager Plus uses Jespa for NTMLv2 SSO authentication. In builds 7162 and above, the Jespa JAR file has to be downloaded and added to ADManager Plus' lib folder before enabling NTMLv2 SSO. Click here to learn more.

     • Select the NTLMv2 Authentication option.
     • Select the domains that you wish to enable single-sign on for from the Select Domainsdrop-down box.
     • Click Save Settings.
   • SAML Authentication
     • Configure ADManager Plus in the identity provider (IdP) of your choice using the steps mentioned here, and download the Metadata file from the IdP. 

       Note: Okta, OneLogin, Pingidentity, ADFS, or any SAML-based IdP or custom IdP can be used.

     • To configure the IdP in ADManager Plus, select the relevant IdP from the Identity Provider drop-down list.
     • In SAML Config Mode, select the Upload Metadata File option.
     • Browse and upload the metadata file downloaded while configuring ADManager Plus in your IdP application.
     • Select the Force SAML Login option located at the bottom of this page if you wish to force users to log in to ADManager Plus only through SSO.
     • Click Save.