Integrated Windows Authentication server requirements

Owned by Kiss, Mate
May 24, 2022
1 min read
  • Add the server to Windows Domain - The server running the Verba web app (Media Repository component) has to be added to the Windows Domain where your users are. Currently, there is no simple SSO solution for organizations with multiple domains.

  • Tomcat has to be run as a service with Local System or Network Service account to enable all types of authentication.
    Or alternatively, use the following setspn commands in your AD:

    setspn -S HTTP/Verbaserver-name.domain.com verba-service-user
    setspn -S HTTP/Verbaserver-name verba-service-user
    setspn -S HTTP/Verbaserver-name.domain.com domain\verba-service-user
    setspn -S HTTP/Verbaserver-name domain\verba-service-user

    You should wait one day for the setspn commands to take effect!

  • If you have done the client side requirements as well and you are still having issues with SSO then navigate to C:\Program Files\Verba\tomcat\webapps\verba\META-INF\context.xml and uncomment the following line:

    <!-- By default, this parameter is not set -->
           <!--
           <Parameter name="onlyntlm" value="" override="false"/>
           -->

     

  •  To enable logging add this to the end of C:\Program Files\Verba\tomcat/conf/logging.properties:

     

    fr.doume.level = FINE