PC-Duo Web Console Operations Guide
×
Menu

Identity Manager Settings

 
Below is a list of settings within the PC-Duo Identity Manager (PIM).
 
 
6.  Allow installed Master to Single Sign On:  This setting only applies if "Allow local AD login" is True.  When this is True, PC-Duo Master and other fat-client applications can perform single sign-on using Windows Authentication, and these clients do not provide a choice to use Aure AD authentication.  To allow Azure AD authentication from PC-Duo Master and other fat clients, set this value to False.
 
7. Prefer UPN name format:  This setting only applies if  "Allow local AD login" is True.  When this is True, accounts from Active Directory domains are displayed in UPN format.  Machine local accounts are always displayed in SAM format.
 
8. Allow Aure AD login:  This value is True to enable authentication with Aure Active Directory.  The four Azure AD settings that follow must be filled in correctly for Azure AD integration to work
 
9.  Aure Domain:  The Aure Active Directory domain name.  For test domains, this is typically something.onmicrosoft.com; or this is a more recognizable name if you have registered and configured a custom domain in your directory.
 
10.  Azure Application Client ID (aka Client ID):  The Azure Applcation ID (also formerly called the Application Key).
 
11.  Azure Client Secret (aka Application Key):  The Azure Client Secret for the application registration.
 
12.  Require Azure AD for web-based application logins:  This setting only applies if "Allow local AD login" is True, and "Allow Azure AD login" is True.  When this value is False (the default), users logging into the Web Console (e.g. via the FIND button) are given a choice of entering Windows Account credentials (e.g. local domain account), or clicking the Azure AD button in the "Login using Cloud Identity Provider" section.  When this value is True, this screen is not presented, and users are automatically directed to login with an Azure AD account. [Introduced in v13.3 HF#2]
 
13.  Allow access to LOGIN button from external addresses