Configure Single Sign-OnConfigure Single Sign-On
The following workflow describes the tasks to be performed in sequence to configure Single Sign-On authentication on NetWitness.
Configure ADFS as IDP for NetWitness
For instructions on how to configure ADFS as IDP for NetWitness, see the Configure SAML 2.0 provider settings for portals topic in Microsoft documentation.
Map User Roles to External Groups
Atleast one Active Directory group should be mapped to an administrator role in NetWitness. For instructions on how to map user roles to Active Directory groups, see (Optional) Map User Roles to External Groups.
Enable Single Sign-On Enable Single Sign-On
- Go to (Admin) > Security.
The Security view is displayed with the Users tab open.
- Click the Single Sign-On Settings tab.
- Select the Enable SSO checkbox.
Select the Auto Import IDP Metadata if you want the latest IDP metadata to be automatically downloaded at regular intervals.
When you select this check box, a Metadata URL field will be displayed where you must enter the IDP metadata URL.
- Select Use proxy checkbox for the requests to IDP tobe routed through the proxy configured in (Admin) > System > HTTP Proxy settings.
- Select Import IDP Metadata to manually import the meta data and enter the IDP metadata URL.
Note: Make sure you update the link every time the IDP metadata is updated.
- Enter a unique entity ID to identify the NetWitness instance in the Identity Provider.
- (Optional) Select the Enable Global Logout checkbox if you want to be logged out of NetWitness along with all the other associated sessions authenticated by IDP.
This may take some time however we recommend you to restart the admin-server immediately. To export the metadata in an XML format either click the link in the notification tray and download the metadata or click Export Service Provider Metadata .
Note: The exported Service Provider metadata must be imported to IDP. For more information, see the Configure SAML 2.0 provider settings for portals topic in Microsoft documentation.