You can enable your users' browser clients for seamless SSO with AD Connect using Integrated Windows authentication (IWA).
Before you begin
Ensure that:
- Your AD Connect configuration in PingOne for Enterprise has an
Authentication Type value of
Integrated
. This authentication type uses Integrated Windows Authentication (IWA). - Port 80 is open for use by AD Connect.
- The browser clients for your users have the AD Connect host listed as a trusted site.
Click the corresponding tabs for instructions on adding trusted sites to Google Chrome, Microsoft Edge, and Mozilla Firefox.
Adding trusted sites to Chrome
- In Chrome, go to .
- Click Third-party Cookies.
- Click Add.
- In the Site field, enter the host name of the AD Connect host.
- Click Add.
Adding trusted sites to Edge
- In Windows, open the Control Panel.
- Go to .
- In the Internet Properties window, go to .
- In the Add this website to the zone field, enter the host name of the AD Connect host.
- Click Add, then click Close.
Adding trusted sites for Firefox
- In Firefox, enter about:config in the URL address bar.
- Click Accept the Risk and Continue.
- In the Search bar, enter network.negotiate.
- Click the Pencil icon for network.negotiate-auth.trusted-uris.
- In the field that opens, enter the host name of the AD Connect host.
- Click the Save icon.
The name of the AD Connect host is displayed as the value of network.negotiate-auth.trusted-uris.