Hi All
We have an HA web front-end where users currently login. We are considering full SSO where internal users' credentials will be automatically passed and as such applications presented once they hit the web portal page - a guide to implementing this https://jwcooney.com/2014/03/11/allow-single-sign-on-for-remoteapps-in-windows-2012/
A UAG provides VPN access to external staff with corporate devices, so they will appear on the internal network.
Future consideration to allow external connections from non-staff devices.
Can anyone see negative side-effects of Web portal SSO? I've discovered a couple of obvious and minor:
- Users wishing to utilise alternative login credentials can't (or can they somehow?)
- The private computer check box is presented on each page, but its setting never remembered.
- Would have to force selection or remove the Private/Public check, but external non-staff users wouldn't have a choice and wouldn't be presented with the Login warning disclaimer.
- Is WebPortal SSO supported by MS?
Maybe multiple Web front ends are required, one for staff with SSO, one non-staff without SSO?
Any other side-affects or things to consider?
Cheers
Lea