Layton ServiceDesk - FAQ - NTLM (Auto) Login
m (Bolded link) |
m (Updated links) |
||
Line 28: | Line 28: | ||
==Settings== | ==Settings== | ||
− | NTLM is automatically enabled for Analysts created using the '''[[Layton | + | NTLM is automatically enabled for Analysts created using the '''[[Layton ServiceDesk - Utilities - Import Analyst (LDAP)|LDAP (AD) Import Analyst]]''' utility. If an Analyst is created manually, then the NTLM setting must be manually enabled as it is turned Off by default. NTLM login may be disabled or enabled and will over-ride the default if set in '''[[Layton_ServiceDesk_-_Settings_-_Company_Structure_-_Manage_Analyst#General_Settings|Administration > Company Structure > Manage Analyst]]'''. |
==URL== | ==URL== |
Revision as of 23:17, 20 June 2016
Contents |
Overview
Layton ServiceDesk™ also offers NTLM Auto Login (Single Sign On). NTLM Auto Login works by comparing the username of the Windows account running the ServiceDesk web browser session against the database of users in ServiceDesk. If a match is found, then the user will be automatically logged into ServiceDesk.
Users may either save the NTLM Auto Login URL to their favorites or create a shortcut. Alternatively, you may want to create a link on the initial ServiceDesk login screen that points to the NTLM Login URL. When the user lands on the login screen, rather manually entering their credentials, they will simply click the NTLM Auto Login hyperlink and it will log the user into Layton ServiceDesk using NTLM.
Install Server Role
Watch this video to ensure that you have the necessary server role installed and configured.
Failure to install this role will result in this error when loading the auto-login page:
401 – Unauthorized: Access is denied due to invalid credentials. (You do not have permission to view this directory or page using the credentials that you supplied).
End User NTLM Configuration
Settings
NTLM is automatically enabled for End Users created using the LDAP (AD) Import End User utility. If a user is created manually, then the NTLM setting must be manually enabled as it is turned Off by default. NTLM login may be disabled or enabled and will over-ride the default if set in: Administration > Company Structure > Manage End User.
URL
NTLM Login URL:
http://SERVER_NAME/APPLICATION_NAME/EUserAuto.aspx
So if your ServiceDesk is normally accessed at http://lsdserver/LaytonServiceDesk, then your End User NTLM Login URL would be:
http://lsdserver/LaytonServiceDesk/EUserAuto.aspx
Analyst NTLM Configuration
Settings
NTLM is automatically enabled for Analysts created using the LDAP (AD) Import Analyst utility. If an Analyst is created manually, then the NTLM setting must be manually enabled as it is turned Off by default. NTLM login may be disabled or enabled and will over-ride the default if set in Administration > Company Structure > Manage Analyst.
URL
NTLM Login URL:
http://SERVER_NAME/APPLICATION_NAME/UserAuto.aspx
So if your ServiceDesk is normally accessed at http://lsdserver/LaytonServiceDesk, then your Analyst NTLM Login URL would be:
http://lsdserver/LaytonServiceDesk/UserAuto.aspx
Optional Settings
If NTLM authentication has been implemented, then you may want to disable the manual login process as it may no longer be necessary in your organization. This is done by removing the End User Login and Registration links from the ServiceDesk login screen in Administration > Form Design > Login.
Post-NTLM Login Redirection
Format
You may also create a URL which will redirect the user to a specific webpage in ServiceDesk after NTLM authentication completes. The benefit of configuring the NTLM Login Redirection is that it will provide the intended webpage regardless of whether the End User is already logged into ServiceDesk or not.
For example, the standard (non-NTLM) URL to link an End User directly to Request ID 7153 is as follows:
http://SERVER_NAME/LaytonServiceDesk/EReqInfo.aspx?sys_request_id=7153
This will successfully load Request ID 7153 for the End User if he is already logged into ServiceDesk. A problem arises, however, when the End User is not already logged into ServiceDesk. If he is not currently logged in, he will be directed instead to the ServiceDesk user not authenticated page: Your login has timed out or you have tried to access a page directly without logging in.
The End User will be required to login first, and then he may go back to click the hyperlink and finally access Request 7153.
To resolve this issue, we use the NTLM Login Redirection URL to redirect a user to the specific webpage in ServiceDesk after the NTLM Auto-Login is complete. This is done by simply appending the following to the end of your NTLM login URL:
?fwd=<your URL here>
Working from the previous example, if you wanted to provide an End User with a direct link to Request ID 7153, and at the same time allow NTLM Auto Login the URL would be formatted this way:
http://SERVER_NAME/LaytonServiceDesk/EUserAuto.aspx?fwd=http://SERVER_NAME/LaytonServiceDesk/EReqInfo.aspx?sys_request_id=7153
Usage
The email body is modified to embed the URL.
- Go to Administration > Libraries > Email Settings & Bodies.
- Click the Edit button for the Request Class you want to add a link to.
- A suggested link text would be the Request ID. In this example, the token {{sys_request_id}} has been selected and the Hyperlink button has been clicked:
- Enter this URL in the URL field, where SERVER_NAME is the name of your server:
- Click the Save button to save the email body.
Manual Login
If for any reason an Analyst needs to log in manually, this is the URL:
http://server/laytonservicedesk/Login.aspx
The Analyst will need to provide his Layton ServiceDesk username and password. If the Analyst has forgotten their password, it can be reset by an admin in Administration > Company Structure > Manage Analyst.