How do I enable SSO login to existing AD user accounts in MetaDefender Managed File Transfer?

Sometimes, you may notice that when enabling both SSO and AD integrations, two different user accounts are created separately in MetaDefender MFT for these two different login methods.

Cause:

Having two different users means that the received SSO claims by MFT do not resolve a username of a user that is already present in MFT as an AD user.

Solution:

To enable SSO login to existing AD accounts listed under Users > Active Directory, please make sure that the SSO integration returns claims containing the same username as an existing AD integration user.

  • Afterwards, provided there is already a user with the resolved username (e.g. AD synced user), the SSO login will be able to authenticate that user.

For example, consider the following Active Directory Federation Services (AD FS) and Active Directory integration:

  • The AD username here is” Administrator”, which is the SAM-Account-Name of the AD profile.

-

- To be able to login with AD FS to this same account, the AD FS must be configured to return the same for the username claim (i.e. SAM-Account-Name):

If Further Assistance is required, please proceed to log a support case or chatting with our support engineer.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Why does changing the file expiration date not affect my uploaded files?
On This Page
How do I enable SSO login to existing AD user accounts in MetaDefender Managed File Transfer?