Search Results :

×

SSO from Multiple Active Directories / LDAP Server using Kerberos Protocol

SSO from Multiple Active Directories / LDAP Server using Kerberos Protocol


Kerberos is an authentication protocol that supports the concept of Single Sign-On (SSO). It is a cryptography-based authentication protocol that is designed to provide secure authentication over an insecure network by allowing users to authenticate while preventing passwords from being sent over the internet. Kerberos mainly works on the basis of tickets between two or more different nodes in an insecure network. Once the user enters his LDAP/Active Directory credentials a ticket is generated which allows direct access to the user without needing to enter the credentials on next login (till the session expires).


miniorange icon

Kerberos / NTLM SSO Plan

By miniOrange

Plans & Pricing Get a Full-featured Trial

Scenario:

  1. You have Multiple Active Directories/ LDAP Servers which contain information of AD objects like users, computers, electronic devices, etc.
  2. You want to allow Active Directory users to SSO into your web application (WordPress website).
  3. You want to restrict other users to access the content of your WordPress website.

Components involved:

WordPress Kerberos/NTLM Add-on allows the users to configure the Single Sign On (SSO) from single Active Directory as well Multiple Directory Servers using Kerberos protocol.


Solution:

In this setup, WordPress acts as a website / web application which is used by user to Single Sign On (SSO) using their LDAP/Active Directory credentials with Kerberos protocol:

  1. The WordPress Kerberos/NTLM add-on needs to be installed on the WordPress site for which you want to enable Single Sign On(SSO) along with WordPress LDAP/AD Login for Intranet Sites premium plugin.
  2. You will also need to completely configure WordPress LDAP/AD Intranet Premium Plugin beforehand.
  3. The Kerberos Authentication with Multiple Active Directory needs to be set up on the server where your WordPress site is hosted. You can refer to this guide to setup Kerberos Authentication on your server depending on which Operating System you are using.
  4. Once you have successfully completed the configuration, users will be able to SSO into your wordpress.

SSO for multiple active directories and kerberos authentication

End user experience:

  • After installing and configuring the WordPress LDAP/AD Login for Intranet sites premium plugin along with WordPress Kerberos/NTLM add-on, users can auto login into your wordpress site without a need of entering their credentials from a domain joined machine.
  • With this plugin and add-on, wordpress will directly fetch and update the user profile information from the Active Directory, whenever user auto logins to your website.

Conclusion:

The WordPress LDAP/AD Login for Intranet sites allows a seamless user experience by authentication users into your wordpress site with their Active Directory credentials and auto login(SSO) using WordPress Kerberos/NTLM add-on. The plugins support authenticating users from multiple Active Directory domains to your wordpress site.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com