Single Sign-On Settings Tab

 

The SSO Settings tab provides a way to enable SSO.

What do you want to do?

Role I want to ... Show me how
Admin Enable SSO Settings Configure Single Sign-On
Admin Configure Active Directory Configure Active Directory

Admin

Configure ADFS as IDP for NetWitness

For instructions on how to configure ADFS as IDP for NetWitness, see the Configure SAML 2.0 provider settings for portals topic in Microsoft documentation.

Admin Map User Roles to External Groups Manage Users with Roles and Permissions

Quick Look

To access this view, go to netwitness_adminicon_25x22.png (Admin) > Security and click the Single Sign-On Settings tab.
image (42).png

The following table lists the features of the Single Sign-On tab.

Feature Description
Enable SSO Checkbox that indicates whether or not the single sign-on is enabled. This box is cleared by default.
Auto Import IDP Metadata If selected the latest IDP metadata is downloaded at regular intervals.

Metadata URL

Enter the metadata URL generated when the connection was established with the ADFS.

Use Proxy If enabled, the requests to IDP will be routed through the proxy configured in netwitness_adminicon_25x22.png (Admin) > System > HTTP Proxy settings.
Import IDP Metadata

Enter the metadata URL generated when the connection was established with the ADFS.

Note: Make sure you update the link every time the IDP metadata is updated.

Entity ID

A unique identifier for NetWitness unique amongst all the applications managed by the same IDP.

Enable Global Logout Checkbox that enables Global Logout setting for users.
When Global Logout is enabled, the user is logged out of NetWitness and also from other applications authenticated by ADFS.
Enable SAML Token Based SSO Authorization Checkbox that indicates whether or not the SAML Token Based SSO Authorization is enabled. This box is cleared by default. Select the Enable SAML Token Based SSO Authorization check box if you want to setup SAML token based SSO without needing to configure Active Directory in NetWitness.
SAML External Group Attribute Name Specifies the attribute name which holds the external group names in the SAML token. Required when using SAML token based authorization.

Apply

The admin-server is restarted after which you will get notified in the notification tray when the metadata is ready to be downloaded.

Export Service Provider Metadata Exports an XML file which is uploaded to IDP to establish the connection between NetWitness (SP) and IDP (ADFS) for authentication.