Configuring WCC with SSO

Document ID:  TEC1694822
Last Modified Date:  07/06/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Workload Automation AE

Releases

  • CA Workload Automation AE:Release:11.4

Components

  • AUTOSYS RELEATED EEM:ATSEEM
  • WORKLOAD CONTROL CENTER:UWCC
Summary:

Configuring SSO for WCC and EEM is simple.  However, our documents are not clear on what is required.  With this document, we outline the requirements and steps to accomplish this.

Instructions:

To configure WCC with SSO

 

1. Ensure EEM is configured with the AD that has the domain users 

 

Configuring EEM with NTLM

Prerequisites for Configuring NTLM Authentication

Do the following before you configure NTLM authentication:

  • Verify that the CA EEM Server is installed on a Windows Server and is connected to an Active Directory.
  • Verify that the users launch the application from a Windows computer.
  • Verify that the CA EEM Server and the computer where the users are launching the application are part of the same network domain. If the computers are part of nested domains, ensure that the CA EEM Server and the computer where the application is launched belong to domains that have a trust relation established.
  • Verify that the domain users are added to the User Groups on the computer where the application is being launched.

 

2. Enable SSO (NTLM) from WCC Configuration tab

 

Configuration Preferences 

To enable SSO (NTLM) set Single Sign-On to NTLM with the Configuration Preferences under the Configuration tab and click on Save.

Configuration Preferences

The Single Sign-On category contains the following fields:

  • Single Sign-On

Indicates whether single sign-on using NTLM authentication protocol or integration with CA Siteminder is enabled. CA WCC uses NTLM protocol or CA Siteminder to authenticate your session when single sign-on is active. To disable single sign-on, select None. If you disable single sign-on, CA WCC requires you to authenticate your session by entering login credentials.

Default: Not selected

  • Force Kerberos Compatibility

Indicates whether to force NTLM authentication when the browser is Kerberos capable. When this check box is selected and single sign-on is active, CA WCC overrides Kerberos protocol and uses NTLM protocol to authenticate your session. If you disable this option, CA WCC requires you to authenticate sessions that you open on Kerberos compatible browsers by entering your login credentials.

Default: Selected

Now when you log out of WCC and go back to the Login Screen, the link option, “Log in automatically using Windows credentials” will be available.  WCC with SSO (NTLM) is now enabled.

 

 

 

Additional Information:

Configuring WCC with NTLM / SSO 

Configure NTLM Single Sign-On 

You can use NTLM protocol to configure single sign-on capability. CA WCC does not support Kerberos authentication protocol but compatibility with Kerberos can be enabled by selecting the Force Kerberos compatibility checkbox. If you do not enable NTLM, CA WCC requires you to authenticate your session by entering login credentials. 

Notes: 

  • If you change your domain password while NTLM authentication is enabled, clear the browser cache. 
  • For more information about authentication protocol configuration settings, see the Configuration Help.  

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing