Switching from SAML to Windows Authentication Mode
You can switch the File Access Manager authentication mode from SAML, which uses a local identity provider, to Windows username and password method by changing the setup in the File Access Manager installer.
Complete the following steps to switch authentication mode:
-
Set the Authentication Mode in the File Access Manager Installer.
- Open the File Access Manager installer on the server where the Web Client and IIS are installed.
- Navigate to the Select web authentication mode step.
- Change the option from SAML to Windows.
- Select Next through the installation wizard until you reach the end, and then select Finish.
-
Change the IIS Authentication Method.
- Open IIS Manager.
- In the tree on the left-hand side, navigate to Current Server > Sites > Default Web Site.
- Select on the cdn folder, then in the IIS section, select Authentication.
- Right-select and select Anonymous Authentication > Disable.
- Right-select and select Windows Authentication > Enable.
- Repeat the above steps for the following folders/locations:
Identityiqfam > v1
Identityiqfam > v2
SecurityIQBiz
SiqApi
- Restart IIS to apply changes.
-
Create an Active Directory Identity Collector by navigating to Application > Configuration > Permission Collection > Identity Collectors.
- Set a schedule for this identity collector.
-
Navigate to Applications > Configuration > General Configuration > Authentication Store, and select the identity collector you created from the dropdown list.
This will now configure the Active Directory as the authentication store.
-
Run the scheduled task for the authentication store you created above.
- Clear the cache of previous sessions in your browser.
- Open the Website and sign in with any user from the Active Directory authentication store.
- The SAML Login option and the Logout button will no longer appear in the system.
By following these steps, you will have successfully switched the authentication method to Windows Authentication.