Configuring Integrated Windows Authentication¶
Vinyl can integrate with Active Directory using Integrated Windows Authentication (IWA).
Configuration involves the following procedures:
- Installing the Windows Authentication service on Windows.
- Enabling Windows Authentication on the Vinyl web application.
- Creating a Vinyl security provider.
Requirements¶
In order to proceed, you will need:
- Administrator access to the web server hosting Vinyl.
- Administrator access to Vinyl.
Installing the Windows Authentication service on Windows¶
Windows Authentication is service of the Web Server (IIS) role. The Windows Authentication service is not installed by default. The following document describes how to install the Windows Authentication service:
https://www.iis.net/configreference/system.webserver/security/authentication/windowsauthentication
Enabling Windows Authentication on the Vinyl Web Application¶
Once the Windows Authentication service has been installed, you will need to enable Windows Authentication on the Vinyl web application within IIS.
-
Launch the* Internet Information Services (IIS) Manager. In the *Connections** pane, locate and select the Vinyl application.
-
Typically, the Vinyl application is located beneath Sites → Default Web Site. However, it may have been installed under a different web site or directory.
-
Double-click the Authentication icon.
-
Select the Anonymous Authentication item.
-
Click the Disable link the Actions pane.
-
Select the Windows Authentication item.
-
Click the Enable link in the Actions pane.
Creating a Vinyl Security Provider¶
Integrated Windows Authentication (IWA) is enabled within Vinyl via a security provider. Start by signing into Vinyl as an administrator.
- Navigate to the IDE
- Click the Security Providers button
- In the User Authentication panel, click the + User Authentication button
-
Provide the following:
- Name: Integrated Windows Authentication
- Type: Integrated Windows Authentication
- Enabled: Checked
- User Provisioning: Check to enable just-in-time user provisioning
-
Click the Save button
Note
See User and Group Provisioning for additional information on user provisioning.