By default, all users are authenticated and logged in using Nomadesk's user authentication.
However, if you already have a preferred authentication system (such as Active Directory) that uses the SAML standard, you can force your managed users (users for whom you are paying the license) to use your own "Identity Provider" (IdP).
Benefits:
- SSO: you can use Single Sign-On to have a single, automated login across your computers.
- Custom password policies: authentication happens at your Identity Provider, which means you can configure your own password policies (password expiration, password rules, etc.).
- Security: Nomadesk will never see any of your passwords, hashes, etc. This is all managed by your own, trusted IdP.
Limitations:
- WebDAV cannot be used by users that have SAML enabled. This is a technical limitation.
- SAML needs configuration by your systems administrator:
  - You need to have (or set up) an Identity Provider.
Comments
I saw there was a limitation with SAML and WebDAV.
Is this a WebDAV limitation or just something that is not implemented yet?
WebDAV requires a username and password to authenticate.
SAML (usually) redirects you to a web page for logon.
==> in the case of SAML, we don't know your password, and cannot authenticate you.
We are looking into options for the future though (example solution: 1-time password for WebDAV access, ...), but at this moment, you will not be able to authenticate to WebDAV when you have SAML or 2FA enabled.