I want to bypass the Teamcenter SSO login window with OS credentilas for the Users, which also managed in LDAP.
has anyone done it before? please suggest
Hi @RandyEllsworth Thanks for the reply..,
I think i want to use second option which is complicated, because what i need is when i click on TC 4T Rich client then there should not be appearance of login page, instead TC should logged in with current OS user credentials.
here i have question, do i need to have TC user already for every OS user present in the domain?
or i can create that at the run time once i validate the credntials(from LDAP) in case un-availability of that user in TC?
I haven't used SSO before so i am curious to know how it really works!
the status of what i have now is..
1. Normal Server Manager & Normal TC.war deployed on tomcat,
2. SSO Server Manager, SSO Login Service,Identity Service & SSO tc.war file deployed on Wildfly
3. When Rich Client & Thin client opened SSO page getting opened to fill the credentials.
yes @RandyEllsworth you are right, I want to use SSO but bypass the login window.
I am going through the Siemens docs but things are not that much clear to me, because still havent gone through all.
When i am using Kerberos authentication, do i still need Identity service which is authenticating credential from LDAP?
because doc says,
Kerberos offers users the advantage of zero sign-on. Because you are already logged on to the operating system, you use your operating system identity to get into Teamcenter.Another advantage of using Kerberos is there is no password sent across the network.Thus, Kerberos provides a security advantage.Kerberos is only supported on Windows and its use with Teamcenter is optional.
Which mean i will need only login Service and no need of Identity Service. OS User is already logged in so his credentials are already authenticated and he is allowed tologin with the help of Kerberos.
am i right?
Teacenter Login, using SSO, fails because the Uesr ID in AD and Teamcenter do not match. Is there a way to get around this problem without having to update the User Names in Teamcenter?
Documentation suggests to create a new attribute in LDAP repository and associate that attribute to all TC users. I'm not sure how easy or difficult this is and how do we manage for new users.
There's some customization built around the hard coded user names in teamcenter. Is there a way Teamcenter/SSO uses OS Name (in TC Organization) for login instead of User name?