DESlock+ Support DESlock+ Support
What is Single Sign-On (SSO)
Article ID: KB187 email a link to this article

Single Sign-On (SSO) is a feature in the Managed version of DESlock+ (DESlock+ client managed by an Enterprise Server) that allows the FDE pre-boot login to login directly into Windows.

Coupled with the DESlock+ auto-login feature, this can allow a single password to authenticate through:

  1. The DESlock+ pre-boot loader
  2. Windows login
  3. DESlock+ Key-File login

Single Sign-On can be configured via the Enterprise Server either when initiating Full Disk Encryption, adding an FDE login or by later modifying an FDE login.

To use Single Sign-On, the workstation must be joined to a Windows domain. However the actual account used can either be a domain account or a local machine account.

Initiating Full Disk Encryption

To configure Single Sign-On when initiating Full Disk Encryption, simply click the Single Sign-On check box on the user FDE login page of the Start FDE Wizard. Please note this will disable the password options as these are not valid for a Single Sign-On login type as the password outside of the Enterprise Server.

When the DESlock+ client receives the request to enable Sign Sign-On they will be presented with a dialog to confirm their Windows login password. They must enter their normal windows password and click Verify. If this is successful, click OK to configure the login to use Single Sign-On.

For a full step by step guide, please see our article below:

KB101 - How to encrypt a hard drive using a managed version of DESlock+?

Adding a new FDE login

To configure Single Sign-On when adding a new FDE login, check the Single Sign-On option. This will limit the user selection on the following page of the wizard to only users who are activated on the workstation.

Add FDE login interface

For a full step by step guide, please see our article below:

KB345 - How do I add an additional FDE login?

Changing an existing FDE login

To enable, or disable, Single Sign-On for an existing FDE login, check the relevant option on the Change FDE login interface and post the command to the client. Please note that the password options will be disabled when choosing Single Sign-On because the password will not be managed by the Enterprise Server.

Modify FDE login interface

For a full step by step guide, please see our article below:

KB380 - How do I remove Single Sign-On? (SSO)


Related Articles:

KB221 - Why does Single Sign-On (SSO) not log me in to Windows

KB207 - What happens when the network password is changed for a user with an SSO FDE login?

KB502 - How does Single Sign-On (SSO) Resynchronise?

KB396 - Single Sign-On (SSO) Access Denied after Windows 10 upgrade

keywords: what SSO single sign-on sign network password access denied


We use cookies on our website to enhance your browsing experience. Read more