none
SSO for Intranet SharePoint Farm - do not require username and password

    Question

  • Hi all-

    I have setup a SharePoint farm for use internally.  I would like to set IE's home page to the SharePoint site and authenticate the currently logged on user automatically using their AD credentials.  I'm thinking there's a simple way to do this via Group Policy without ADFS or more "advanced" authentication protocols.  Can I simply add the SharePoint site to the Local intranet zone in IE, and then set the Local intranet zone security level to Custom and then select User Authentication-->Logon-->Automatic Logon with Current Username and Password?  See below.  Thanks.

    Wednesday, March 8, 2017 10:43 PM

All replies

  • Local Intranet already has that option turned on, but your approach is correct. You may want to use Group Policy Preferences rather than the Administrative Template so users continue to have control over their Intranet Zone setting, as well.

    https://support.microsoft.com/en-us/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users

    This isn't true SSO. IE is simply responding to the request for authentication automatically, but it works in most scenarios. It does require users log in with a domain user on a domain-joined machine.


    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Wednesday, March 8, 2017 11:00 PM
    Moderator