Implementing Single Sign On with shared devices - can't use LDAP/AD

Solved

Very general question: We are starting to implement single sign on for our shared devices, Zebras and Samsung devices right now, where we would want to power on the device, show the software for single sign on and based on your authentication show the lockdown kiosk for the list of apps you're authenticated to use. The challenge here is most of our users are not in LDAP so we will not be able to authenticate using AD.

What are my options for the best way to go about this, or to start researching as a course of action to implement something like this?

a year ago
SOTI MobiControl
ANSWERS
AMMOD@SOTI
a year ago

Hi @Katie Williams

Thank you for posting on SOTI Pulse.

To utilize MobiControl's shared-device mode, it's essential to first configure the AD/LDAP/Azure directory service.

Employing a SAML 2.0 identity provider (IdP) enables administrators to centralize identity information outside of individual applications. Certificates are utilized to establish trust between SOTI MobiControl and the IdP. This allows SOTI MobiControl to utilize signed security assertions from the IdP to grant users access to SOTI MobiControl resources.

For further information, please refer to the following useful documents:

Guide on setting up SSO for Android devices: Link

Shared Device configuration: Link

Video tutorials: Link

Additionally, if you prefer not to utilize LDAP or AD, our latest MobiControl release (2024) introduces single sign-on with SOTI Identity.

  • You can find this option under Profile > Security > Single Sign-On.
  • To use this profile, ensure the certificate template for IDP user is configured and a certificate profile is set up.

Feel free to begin your exploration of this feature if you are interested.

I hope this addresses your query.

Kind regards

Solution