If you plan on using the IIS Reverse Proxy with Reflection ZFE, read Accessing Reflection ZFE using the IIS Reverse Proxy for prerequisites and configuration instructions.
Enabling Reflection ZFE for use with single sign-on through IIS
To enable Reflection ZFE to work with this authentication method, add the following property in the <install dir>/sessionserver/conf/container.properties file:
management.server.iis.url= <url>
The value of this property is the IIS web server address and port along with the / MSS path. For example: http://server/mss. If authentication fails, you may need to remove the domain name in order for the domain credentials to be passed to IIS: http://server/mss.
Using the IIS Reverse Proxy with Reflection ZFE
NOTE:To comply with Common Criteria security requirements it may be necessary to place the Reflection ZFE server behind a proxy by following the instructions in Accessing Reflection ZFE using the IIS Reverse Proxy.
To proxy Reflection ZFE through IIS, when using IIS single sign-on, you need to set an additional property in the same container.properties file:
servletengine.iis.url=<url>
The value takes the same form as the URL above, but uses the Reflection ZFE address. For example: http://server/zfe. It is not necessary to use the short host name form in this URL.
After you have completed this configuration, you choose this authentication option in . See the Administrative Console online help for descriptions of the configuration options.