Active Directory (on-premises) integration and SSO for Zero Trust Secure Access

Views:

Integrate with Active Directory (on-premises) to authenticate user access attempts and take action on risky account activity.

Active Directory (on-premises) integration requires the use of a Service Gateway, third-party integration settings, and SSO.

Important

You cannot configure single sign-on (SSO) from multiple IAMs. Ensure that you configure the necessary permissions and SSO on the IAM you want to use for Private Access and Internet Access authentication.

Procedure

Prepare a VMware ESXi or Microsoft Hyper-V Service Gateway appliance that connects to your on-premises Active Directory server.
Go to Zero Trust Secure Access → Secure Access Configuration → Identity and Access Management.
Click Grant permissions next to Active Directory (on-premises).

A new browser tab opens to the Third-Party Integration > Active Directory (on-premises) screen.
Connect your Active Directory server to Trend Vision One by configuring Active Directory (on-premises) integration.
Configure SSO based on the authentication protocol that your on-premises Active Directory system supports.
- SAML-based SSO: Configure your Active Directory ADFS SSO settings
- NTLM-based SSO for Internet Access: NTLM single sign-on for Internet Access