|Issue||Windows Integrated SSO Returns "Unable to Authenticate User" Message|
When Archer is configured with SSO and Windows Authentication the LDAP synch has to be configured correctly so that the user accounts created match the username that will be passed by Windows when logging in. If they do not match up perfectly the user will be presented with an "Unable to Authenticate User" message.
Under the configuration tab of the synch there is a field called User's Domain. This value will be combined with the username brought in through LDAP from the SAMAccountName value in the following format.
This should match exactly the credentials used when the user logs into their Windows machine. In most cases where they do not match we have found a web extension added to the end of the domain so archer.com\username instead of archer\username.
|Legacy Article ID||a58394|