Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Prevent G Suite login other than by AD bound machines

Steve Larsen
Steve Larsen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 8, 2018

Being able to be signed in automatically after the user logs into a bound machine (win/mac) is great. What I'm wondering if Crowd can only allow users to login from a device that is AD bound. Effectively limiting a user to be able to login to G Suite only via trusted/known devices?

Answer
Watch
Like Be the first to like this
412 views

2 answers

0 votes
Steve Larsen
Steve Larsen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 8, 2018

It was your IWAAC solution that made me post this in fact. It might be worth getting in touch to discuss further and demo the solution. 

View More Comments
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 8, 2018

Sure! Feel free to drop us a line at support@cleito.com

Like
Reply
0 votes
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 8, 2018

Hello @Steve Larsen

First of all, please allow me to make sure that I understand your context correctly. My understanding is that you want to use the Google Apps Connector that is shipped with Crowd to authenticate your Google Apps users on Crowd. In other words, when your unauthenticated users will hit a Google Apps page they will be redirected to Crowd's login page on which they will enter their Crowd username and password.

I also understand that you want to add Windows SSO on top of that, meaning that you want that Windows domains users don't need to enter any username and password when they are redirected to Crowd's login page. You will need a third-party plugin like IWAAC Kerberos SSO to achieve this (Important Disclaimer: I work for that plugin's vendor). You might want to take a look at our integration guide for G Suite / Google Apps.

Now, regarding your main and last question, the IWAAC plugin has options to enable/disable Windows SSO when users connect from specific IPs or from devices of specific types. For instance, you could tell the plugin to allow Windows SSO only for users connecting from a Mac/PC that has an IP in your internal domain network (e.g. 192.168.0.1/24).

I hope this does answer your question 🙂

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events