Ldap and mobile app

Hi Community!

 

We use LDAP with SSO as authentication in our customer's onprem installation.

So the users are used to log in using their Windows username and password and don't have a separate creatio login.

However, the creatio app doesn't support this login method, which is understandable, since there is now windows user context on the phone.

 

I was wondering how others are dealing with this problem. Is it even possible to use LDAP and creatio authentication side-by-side, because it seems to be either or?

Thanks,

Robert

Like 0

Like

6 comments

Dear Robert, 

Yes, it's possible to enter the mobile application in case if you have SSO configured on your website and it is set as a default login method. 
In order to enable SSO in mobile application you need to enable the system setting with code "MobileUseSSO"

Kind regards,
Roman

Roman Brown,

Hi,

we have enabled the option and the "login as domain user" link appears in the App!

 

However, we get the following error message when trying to log in with the domain users:

 

 

Is there something special to set up on IIS maybe, besides the Windows Authentication?

 

Thanks and best regards,

Robert

Dear Robert, 

Can you please register a case for our support team so we could check the LDAP configuration? Cause there can be several reasons for such error message. 

Kind regards,
Roman

Roman Brown,

Hi Roman,

 

it's an on-prem installation, so that will not work really...

LDAP is working in the browser, so I guess it is set up correctly.

 

Any hints?

 

Thanks,

Robert

Dear Robert, 

The option to login as a domain user is option available as part of NTLM authentication which isn't available in mobile app. 
For application you can use standard, SSO or LDAP authentication. 

Thank you. 

Roman Brown,

Dear Roman,

how can we use LDAP users with NTLM authentication on mobile?

Because as I have written in my original post, there is no option to set a password when selecting the LDAP option.

 

What is the system setting "MobileUseSSO" is exactly expected to do?

 

Thanks,

Robert

Show all comments