Frog SSO not really SSO?
We implemented the Frog SSO a few months ago and it all seemed to be working correctly. However, since the last software update it no longer works correctly with students.
Here is the scenario. Staff log onto the PC's, open up the internet and auto-login to Frog. All great :) They click on 'My School Drives' and it shows the contents of their home drive (\\server\username$). All is great and just as before.
Students login, they open the internet and get a message of 'session has timed out'. This then takes them to the logon screen. If they login manually then it works and so does the home drive link.
I was told by Frog to try disabling the student timeout time. So I did and this time it went straight in! :) All good I think. But then when I click on 'My School Drives' it pops up with a username and password box. :(
Now the funny thing is, Frog support have told me that this is expected behaviour??? Apparently it is supposed to popup with a password box when accessing the network drives. The fact that it works for staff and used to work for everyone is apparently a BUG and never should have happened!!??
How can it be called SSO when you still need to re-enter a username and password?
While not a fix to your particular situation I do think the term 'SSO' (single sign on) should be supplemented by SISO (single instance sign on) whereby the user only has to login once to access a range of services and where SSO just makes sure you don't have to remember multiple usernames/password for different services.
Fair point. I just find it odd that it was working fine before and still is for staff. How can that be a bug??
The reason it asks for the password is because it uses a users password to access the network.
When you use normal login page it saves password encrypted in frog. Then when using the network file brick it uses the saved password to access the network.
With NTLM you bypass the user entering there password at login. So no password has been saved for network access.
The reason the staff are working, I suspect it has access to a saved password.
To test reset a staff users password then just use SSO (NTLM) and when you use network files brick is should also ask for password just like students..
This is indeed a bug at the moment, or at least undesired behaviour. We are aware of this and the developers are scheduled to pick this up and investigate further in the next release (not the one rolling out to schools this month but the one after and pending successful testing we will roll out a fix).
This is on the list of known limitations of the AD SSO implementation which is available from the Frog3 Knowledge base.
As soon as we have further information we will update you through the ticket with the service desk.
If you want to discuss this further or if I can help in any other way, just let me know - I'm out on the road this week, hence the late reply, but I'll always do my best to help.
Thanks a lot,
Service Desk Manager
Sorry, off topic a bit but how do you implement SSO with frog3? Any guides out there?
(I didn't know sso was an option!) Frog is linked to AD but you have to login again to get in.