When supporting seamless SSO the ADC acts as a local, self-hosted, web app server. This server must support https, therefore a valid SSL/TLS certificate is required, this is covered in detail later in this document.
This server must be able to connect to the My1Login cloud services (https://app.my1login.com) and must also be resolvable (on its custom port) by all users within the enterprise.
These following items need to be installed on the server
that hosts the AD Connector:
The ADC is a windows service that runs as an AD user. It is recommended that a service user be created for the ADC.
The ADC must be able to connect to your company’s sub-domain under my1login.com (e.g. https://mycompany.my1login.com) over port 443 and be able to connect to https://messaging.my1login.com and https://msg.my1login.com over the same port (443).
To support seamless SSO within the enterprise, your users’ browsers must be able to connect to the ADC’s self-hosted app server. This app server runs on a custom port (default 47810) and it must be bound to a valid certificate whose subject matches the hostname of the server.
The ADC is proxy aware and works with most authenticating and non-authenticating proxies. However, the configuration in your enterprise may be such that rules have to be added to allow direct connection to the my1login.com domain.
My1Login’s web service calls use an HMAC scheme to help protect against malicious use. This scheme requires that the clocks on the client servers / PCs and the My1Login servers are no more than 5 minutes adrift.
You will need the following information to hand to configure the web app for the ADC:
In .NET by default, supports only 2 TCP connections to the same IP address in parallel. This will affect the number of users who can login per second. The following is a link to Microsoft on more information around this setting.
The file where this option can be set is in the following file directory on your server:
You can add the following to change the max number of connections:
<add address="https://*.my1login.com" maxconnection="the number you require" />
Where “the number you require” equals the number from the
maxconnection formula you used above.