Hello. I installed and configured osTicket v1.14.2 on a Windows 2019 server on Microsoft IIS. Here's my version info and plugins:
I got LDAP authentication working fine against Active Directory for both users and agents. Then I wanted to achieve SSO so users and agents don't have to type their windows passwords if they access the Helpdesk from a domain joined computer. I followed the instructions for "Setting up Kerberos Authentication for a Website in IIS" in this Microsoft tech community article. Since my setup is fairly simple - the machine name / hostname is "helpdesk" and the URL I'm using is https://helpdesk/, so I just enabled Windows authentication and disabled anonymous authentication for osTicket web site in IIS, and it immediately started working for agents. Accessing https://helpdesk/scp automaticaly logins the agents without showing agent login screen. However I'm not able to achieve the same with end user interface. Users are still being asked to provide their user name and password when they access https://helpdesk/ and click "Sign In". Is there a way to avoid this?
Best regards,
George