0

Automatic sign in to Canary Admin when authenticated to Windows AD

Forum / Questions & Answers

With our v23 Canary install, launching Canary Admin while logged into our AD it automatically authenticates us to the app and we're not prompted to sign in.

Can v24 be configured to do this as well or will we always have to do an explicit login when launching the Admin, even when if we're already authenticated to AD on the workstation or server?

8 replies

null
    • damon_vinciguerra.1
    • 8 days ago
    • Reported - view

    Which providers do you have enabled? If Windows AD is the only one, it should auto-log you in. If it doesn't there may be some kerberos of config issues.

      • kevinhasler
      • 8 days ago
      • Reported - view

      Yes, "Enable Active Directory" is the only External Provider Option selected under Identity > Providers.

      • damon_vinciguerra.1
      • 8 days ago
      • Reported - view

      Well then I'm interested to see what Support says! On our v24 system, it "just works". Any relevant logs in the Canary Messages tile or Event Viewer? You're not trying to log in while connecting with a FQDN are you (https://helpcenter.canarylabs.com/t/x2yz6l8/kerberos-authentication-limitation-version-24)? Does it say localhost in the top right?

      • kevinhasler
      • 8 days ago
      • Reported - view

      Yes, just trying to access as "localhost" from the server's console, not using FQDN.
      Nothing logged related to this in Messages tile or Win Event Viewer that I see.

    • kevinhasler
    • 8 days ago
    • Reported - view

    Also, what is default inactivity timeout setting for the Admin program and can it be changed?

      • damon_vinciguerra.1
      • 8 days ago
      • Reported - view

       when I asked support that question on 9/24 they said the timeout was hard coded to 30 minutes and “as of now there is no way to change that”. 

    • smason
    • 4 days ago
    • Reported - view

    Hi ,

    You will want to enable the "Kerberos" option and disable "Active Directory". The Kerberos option will use the Windows credentials that were used to login to the server and therefore bypass the login screen. Let me know if this works for you.

      • kevinhasler
      • 4 days ago
      • Reported - view

      Thank you, that seems to have worked. 

      If that was in the documentation, apparently I must have missed it.

Login to reply

Content aside

print this pagePrint this page
  • Status Answered
  • 4 days agoLast active
  • 8Replies
  • 16Views
  • 3 Following