Skip to Content

Configuring Integrated Windows Authentication

Vinyl can integrate with Active Directory using Integrated Windows Authentication (IWA).

Configuration involves the following procedures:

  1. Installing the Windows Authentication service on Windows.
  2. Enabling Windows Authentication on the Vinyl web application.
  3. Creating a Vinyl security provider.

Requirements

In order to proceed, you will need:

  • Administrator access to the web server hosting Vinyl.
  • Administrator access to Vinyl.

Installing the Windows Authentication service on Windows

Windows Authentication is service of the Web Server (IIS) role. The Windows Authentication service is not installed by default. The following document describes how to install the Windows Authentication service:

https://www.iis.net/configreference/system.webserver/security/authentication/windowsauthentication

Enabling Windows Authentication on the Vinyl Web Application

Once the Windows Authentication service has been installed, you will need to enable Windows Authentication on the Vinyl web application within IIS.

  1. Launch the* Internet Information Services (IIS) Manager. In the *Connections** pane, locate and select the Vinyl application.

    Sites Default Web Site Vinyl Application

  2. Typically, the Vinyl application is located beneath Sites → Default Web Site. However, it may have been installed under a different web site or directory.

  3. Double-click the Authentication icon.

    Authentication

  4. Select the Anonymous Authentication item.

  5. Click the Disable link the Actions pane.

    Actions Disable

  6. Select the Windows Authentication item.

  7. Click the Enable link in the Actions pane.

    Enable

Creating a Vinyl Security Provider

Integrated Windows Authentication (IWA) is enabled within Vinyl via a security provider. Start by signing into Vinyl as an administrator.

  1. Navigate to the IDE
  2. Click the Security Providers button
  3. In the User Authentication panel, click the + User Authentication button

  4. Provide the following:

    • Name: Integrated Windows Authentication
    • Type: Integrated Windows Authentication
    • Enabled: Checked
    • User Provisioning: Check to enable just-in-time user provisioning

  5. Click the Save button

Note

See User and Group Provisioning for additional information on user provisioning.