SSO for WordPress
SSO is all about not having to login to multiple site/applications but rather have the id the logged into you computer being passed the IIS server and using that to log you in.
We tried to keep as simple as possible. Windows Authentication only needs to be set on wp_login.php (to reduce the server load of authenticating all the time). If when you load this page with SSO turn on in WPMU-LDAP we look into the server variables for your username if we find it we then login as that user or call the LDAP server with that id to get your details if it is your first time on the blog.
How to setup SSO on IIS
Follow the standard install for WPMU-LDAP and get it all working
Then create an ID that uses your NT id as the username and make that ID a supper admin
Don’t do this until you are happen that it all works.
To configure Windows Authentication
Open IIS manger
Select root of the site in the left plain
Click the content view at the bottom on the main plain
Select wp-login.php in the main plain
Click the Features view at the bottom on the main plain to get back to the admin icons
Double click the Authentication option in the IIS section
Select Windows Authentication and click enable in the Action panel on the right
That all you need to do with IIS
Now open a non MS browser (firefox)
Now load the WPMU-LDAP control panel and enable SSO
Keep browser open
Now open IE and go to your blog site and try to access wp-admin. If all is well you will get pushed to wp-login we you get login in using the NT id and forwarded to wp-admin or to your profile if you not an admin (see above)
Any new user will automatically get an account
If you try now to logon with and non IE browser you will now get login box popup
Note: there are number of third party tools that will allow setting this up a linux server. These should all work as long as its provide a username in one of these variables
We have only tested this on IIS 6/7 if you try any other provide please lets know how you get on.
Contributed by Paul Bearne