Layton ServiceDesk - FAQ - NTLM (Auto) Login

From Layton Support
Revision as of 18:54, 11 June 2013 by Tscholl (Talk | contribs)

Jump to: navigation, search

Layton ServiceDesk™ also offers NTLM Auto Logon (Single Sign On) which will authenticate by comparing the username of the currently logged in Windows account against the database of users in ServiceDesk. If there is a match, then the user will be automatically logged in, skipping the manual login procedure.

NTLM is automatically enabled for users created using the LDAP (AD) Import End User and LDAP (AD) Import Analyst utilities. If a user is created manually, then the NTLM setting must be manually enabled as it is turned Off by default.


Contents

End User NTLM Configuration

URL

NTLM login may be disabled or enabled and will over-ride the default if set in: Administration > Company Structure > Manage End User.

End User

NTLM Login URL: 

        http://SERVER_NAME/APPLICATION_NAME/EUserAuto.aspx

So if your ServiceDesk is normally accessed at http://lsdserver/LaytonServiceDesk then your End User NTLM Login URL would be: 

        http://lsdserver/LaytonServiceDesk/EUserAuto.aspx


Analyst NTLM Configuration

Settings

NTLM login may be disabled or enabled and will over-ride the default if set in Administration > Company Structure > Manage Analyst.

URL

NTLM Login URL: 

        http://SERVER_NAME/APPLICATION_NAME/UserAuto.aspx

So if your ServiceDesk is normally accessed at http://lsdserver/LaytonServiceDesk then your Analyst NTLM Login URL would be: 

        http://lsdserver/LaytonServiceDesk/UserAuto.aspx

Settings

The Login screen can be modified using Administration | Form Design | Login to remove End User login and Registration links if NTLM is to be used across the board.

For NTLM to work correctly, you must ensure that the domain login and the ServiceDesk user name are the same. When Layton ServiceDesk finds a match on the username, it will allow the user to log into Layton ServiceDesk utilizing their SSO Token.

URLs for NTLM Auto Login

Users may either save the URL to their favorites or create a shortcut.

When the user then selects the link to Layton ServiceDesk, it will no longer prompt them for their user name or password and will automatically log them in.

Alternatively, you can create a link on the initial login screen that points to an NTLM login URL. When the user lands on the login screen, rather than having to type in their credentials, they can simply click the auto-login text/icon and it will log the user into Layton ServiceDesk using NTLM.


Post-NTLM Login Redirection

You may also create a URL which will redirect the user to a specific webpage in ServiceDesk after NTLM authentication completes. The benefit of configuring the NTLM Login Redirection is that it will provide the intended webpage regardless of whether the End User is already logged into ServiceDesk or not.

For example, in Email Settings & Bodies, the standard (non-NTLM) URL to link an End User directly to his request is as follows: 

       http://SERVER_NAME/LaytonServiceDesk/EReqInfo.aspx?sys_request_id=Template:Sys request id


If this Email Notification was generated from Request ID 7153, then Template:Sys request id would be replaced with 7153 to yield the actual URL in the email body: 

       http://SERVER_NAME/LaytonServiceDesk/EReqInfo.aspx?sys_request_id=7153


This will successfully load Request ID 7153 for the End User if he is already logged into ServiceDesk. A problem arises when the End User is not already logged into ServiceDesk. If he is not already logged in, when he clicks this URL in his email, he will be directed instead to the ServiceDesk user not authenticated page: Your login has timed out or you have tried to access a page directly without logging in. This will require a manual login, at which point the End User may go back to his email to access the Request.

To resolve this issue, a NTLM Login Redirection URL may be configured to redirect a user to the specific webpage in ServiceDesk after the NTLM authentication logs the user in. This is done by simply appending the following to the end of your NTLM login URL: 

       ?fwd=<your URL here>


Working from the previous example, if you wanted to add a hyperlink to your Email Notifications to give the End Users direct access to the request, the URL would be formatted this way: 

       http://SERVER_NAME/LaytonServiceDesk/EUserAuto.aspx?fwd=http://SERVER_NAME/LaytonServiceDesk/EReqInfo.aspx?sys_request_id=Template:Sys request id
Retrieved from "http://laytontechnology.com/support/index.php?title=Layton_ServiceDesk_-_FAQ_-_NTLM_(Auto)_Login&oldid=3258"
Personal tools
Namespaces

Variants
Actions
Main Page
Online User Guides
General Support
Release Notes
Toolbox