+ Post New Thread
Results 1 to 3 of 3
MIS Systems Thread, Facility/Serco Single Sign On in Technical; We have been landed with facilty/serco as our Facilty administraor has left us in the lurch. We have single sign ...
  1. #1
    wellscs's Avatar
    Join Date
    Apr 2008
    Thank Post
    Thanked 0 Times in 0 Posts
    Rep Power

    Facility/Serco Single Sign On

    We have been landed with facilty/serco as our Facilty administraor has left us in the lurch. We have single sign on to enables users to use user credential to loging to there data, we can not get any new users entered in facilty to show in the SSO/LDAP interface. Could anyone help please?

    Thanks in advance

  2. #2

    Join Date
    Apr 2007
    Thank Post
    Thanked 9 Times in 5 Posts
    Rep Power
    Call me. I may be able to help.

    Martin Byford-Rew
    IT Manager
    Thomas Deacon Academy
    01733 426050

  3. #3

    Join Date
    Nov 2009
    North Walsham
    Thank Post
    Thanked 8 Times in 8 Posts
    Rep Power

    I have setup SSO before and have pretty much just finished doing it on a new server. It is a complicated process but here goes!....

    Presuming you have purchased the SSO module and entered the new license code, launch Facility Controller, click on Data Server Settings button and scroll across the end to find the SSO module.

    Tick the box to enable SSO and select the Attempt login bypass mode.

    Enter your LDAP server name.

    In the LDAP Base User DN box you need to enter the paths for the OU's in AD for which you want users to be able to access SSO, separated by semi colon, for example : -

    OU=Network Admin Staff, DC=NWHS, DC=LOCAL; OU=Office Staff, DC=NWHS, DC=LOCAL; OU=Staff, OU=Mobile, OU=LightlyManaged, OU=Users, OU=CommonScenarios, DC=NWHS, DC=LOCAL

    Next, click on the credentials button and enter the DN of an Admin account (make sure your admin account actually has the First name written in AD (mine didn't by default, took me ages to work out why SSO wasn't working!) The DN will look something like this: CN=Administrator, OU=Network Admin Staff, DC=nwhs, DC=local

    Next from Controller, click on Server, login name table, Single SignOn Logins and your table will be built. From here you will be able to map the Serco userIDs to the AD record. There is a tool to automatically do this but it will only work well if your Serco userID's actually have similar names to AD. Alternatively, if you are already using Resource passwords, the first time a user enters their credentials, it will do the mapping saving you a lot of time.

    Also, just checking but if you use IIS you will need to have altered the settings.xml file to change the value from false to true for 'UseIISAuthenticationForSingleSignOnBypass and you will need to have edited the IsapiRewrite4.ini located in ePortal\bin\win32\i386 with your domain name.

    Finally, you will have to disable Anonymous Authentication and add the isapirewrite4.dll filter in IIS

    I worked from a Serco manual called Facility ePortal v09.2 (an old version) Single Sign On (LDAP) Guide. Get this or the latest version if you don't already have it.

    Hope this helps.


+ Post New Thread

Similar Threads

  1. Moodle - Single Sign on
    By ceebster in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 18th June 2014, 11:28 AM
  2. Serco Facility
    By wellscs in forum MIS Systems
    Replies: 5
    Last Post: 8th June 2010, 09:03 AM
  3. serco facility
    By garrysaddington in forum MIS Systems
    Replies: 8
    Last Post: 8th June 2009, 10:22 AM
  4. Single Sign on software
    By localzuk in forum General Chat
    Replies: 36
    Last Post: 17th July 2008, 10:25 AM
  5. Moodle Single Sign On with CMS
    By monkeyx in forum Virtual Learning Platforms
    Replies: 0
    Last Post: 26th November 2007, 08:39 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts