This option uses Microsoft IIS web server. This option requires no additional setup as long as you used the Management and Security Server automated installer and chose to integrate with IIS during the installation process. You can find more information on install configurations in the Management and Security Server documentation.
Enabling Reflection ZFE for use with single sign-on through IIS
To enable Reflection ZFE to work with this authentication method, add the following property in the <install dir>/sessionserver/conf/container.properties file:
management.server.iis.url= <url>
The value of this property is the IIS web server address and port along with the / MSS path. For example: http://server/mss. If authentication fails, you may need to remove the domain name in order for the domain credentials to be passed to IIS: http://server/mss.
Using the IIS Reverse Proxy with Reflection ZFE
NOTE:To comply with Common Criteria security requirements it may be necessary to place the Reflection ZFE server behind a proxy by following the instructions in Accessing Reflection ZFE using the IIS Reverse Proxy.
To proxy Reflection ZFE through IIS, when using IIS single sign-on, you need to set an additional property in the same container.properties file:
servletengine.iis.url=<url>
The value takes the same form as the URL above, but uses the Reflection ZFE address. For example: http://server/zfe. It is not necessary to use the short host name form in this URL.
After you have completed this configuration, you choose this authentication option in . See the Administrative Console online help for descriptions of the configuration options.