Active Directory single sign on enables users who are logged on to the domain to access the appliance Administrator Console and User Console without having to re-enter their logon credentials each time.
Before you connect the appliance to an Active Directory server, verify that:
| •  | 
| •  | 
| 1.  | 
| ◦  | If the Organization component is not enabled on the appliance, log in to the appliance Administrator Console, https://appliance_hostname/admin, then select Settings > Control Panel. | 
| ◦  | If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel. | 
| 2.  | In the Single Sign On tab of the Security Settings page, select Active Directory, then provide the following information:  | 
| 3.  | 
A message appears stating the results of the test. To view errors, if any, click Logs, then in the Log drop-down list, select Server Errors.
| 4.  | 
| 5.  | 
When users are logged in to devices that are joined to the Active Directory domain, they can access the appliance User Console without having to re-enter their credentials. If users are on devices that are not joined to the Active Directory domain, the login window appears and they can log in using a local appliance user account. See Add or edit System-level user accounts.
You can generate a self-signed SSL certificate, or generate a certificate signing request for third-party certificates, using the Administrator Console.
| 1.  | 
| ◦  | If the Organization component is not enabled on the appliance, log in to the appliance Administrator Console, https://appliance_hostname/admin, then select Settings > Control Panel. | 
| ◦  | If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel. | 
| 2.  | In the Security Settings section, click Configure SSL to open the SSL tab on the Security Settings page.  | 
| 3.  | 
| 4.  | Click Generate CSR (Certificate Signing Request) or Self-Signed SSL Certificate, then click SSL Certificate Form to display the SSL Certificate Form page.  | 
| NOTE: If a certificate signing request has previously been generated, it appears on the page. To generate a new request, you need to update the information in the Configure section, then click Save before you click Generate Self-Signed Certificate. | 
| 5.  | 
| The common name of the appliance you are creating the SSL certificate for. | |
| 6.  | 
| 1.  | Copy all of the text in the Certificate Signing Request section, including the lines "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" and everything in between, then send it to the certificate issuer or the person who provides your company with web server certificates. | 
| 2.  | When you receive a certificate from the third party, return to the Security Settings page and upload the certificate. See Configure security settings for the appliance. | 
| 1.  | Click Generate Self-Signed Certificate to generate and display the certificate below the Certificate Signing Request section. | 
| 2.  | 
| 3.  | 
| NOTE: Your private key appears in the Private Key field. It is deployed to the appliance when you deploy a valid certificate. Do not send the private key to anyone. It is displayed here in case you want to deploy this certificate to another web server. | 
Session timeout is a System-level setting that specifies the amount of inactive time that can pass before users are automatically logged out of the Administrator Console or User Console. Auto-refresh settings are user-level settings that determine the frequency with which console pages are refreshed.
You can configure session timeout to meet your security requirements.
| 1.  | 
| ◦  | If the Organization component is not enabled on the appliance, log in to the appliance Administrator Console, https://appliance_hostname/admin, then select Settings > Control Panel. | 
| ◦  | If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel. | 
| 2.  | In the General Settings section, click the Customize general configurations option to display the General Options tab on the General Settings page.  | 
| Set the number of inactive hours to allow before closing user sessions and requiring users to log in again. The default is 1. The User Console and Administrator Console have Timeout Session counters to alert users of this time limit. Only periods of inactivity are counted. The counter restarts when the user performs any action that causes the console to interact with the appliance server, such as refreshing a window, saving changes, and changing windows. When a session reaches 60 seconds before the timeout, a message box appears, allowing you to extend the session, or to log off. Once the counter reaches the limit, the user is logged out, unsaved changes are lost, and the login screen appears. The Timeout Session counter appears in the upper right of each console. | 
| 4.  |