Active Directory Authentication in SaaS Help Desk
Even the hosted version of our helpdesk now supports Active Directory user authentication via Windows-integrated authentication. We've added a small script that you can install under your local IIS server, that will authenticate your users against LDAP using Windows-integrated accounts and then redirect them back to the SaaS help desk app.
Before we introduced this feature, your only option was to install Jitbit Helpdesk on your local server and host it yourself, if you needed to integrate with Active Directory. But not anymore – we have found a way to use Active Directory with our servers remotely. Now you can combine all the benefits of using the cloud-hosted helpdesk with the comfort of a local user catalog. It is completely secure and requires very little setup on your side. But you will still need a server with IIS installed ("IIS" stands for "Internet Information Server", which is a basic web-server that comes included with all Windows Server editions).
Single Sign On (SSO) options including SAML
Before we move on with the local script installation you might want to check out other ways to enable "Single Sign On". Please explore all the options here
Active Directory - Single Sign On into SaaS Helpdesk
Your local IIS server does not have to be in the DMZ zone, or have access to the Internet, it works on the client-side and works right out of the box - you just have to specify the "shared secret" in the IIS script.
To set up the AD-integrated authentication, go to the "Administrator - General settings" find the "Shared secret for remote authentication" textbox and you will see the AD script download link right next to it.
- Download the script from the helpdesk app admin area
- Place this script in a folder on your local IIS, and disable anonymous access for the script.
- Edit this script and add a valid username/password for the LDAP lookups by setting the variables sLdapReaderUsername and sLdapReaderPassword.
- Set the sSharedSecret and sReturnURL variables to your secret and your helpdesk application URL
- WHEN READY - simply open this script in a browser (e.g. http://yourserver/iis_auth.asp) and you'll be redirected to the helpdesk app. For debugging, call this script with debug=1 as a parameter (e.g. http://yourserver/iis_auth.asp?debug=1)