How to set up Google AD SSO with Securly?

Follow

Securly supports Single Sign On with Google AD that makes the sign in process easier for your users while allowing Securly to filter content appropriately.

You can set up Google AD SSO with Securly if you are a Securly DNS Customers with Windows Server 2008R2 and above.

Prerequisites

  1. Google Cloud Directory  Sync (GCDS) to sync your AD installation with G Suite in the cloud.
  2. IIS server on the local intranet that runs on Windows Server 2008R2 and above.
  3. Active Directory username that matches the first part of the Google domain address.
  4. All Windows and Mac machines joined to the domain.
  5. ‘Forced login’ enabled in Securly’s Global Settings.

Note that it is recommended that you do not install Securly AD SSO on a server already running an IIS.

Install

Note that you will need to allow the execution of unsigned scripts.

  1. Download and unzip the Securly Google AD SSO.zip
  2. At an elevated/Administrative PowerShell enter: " Set-ExecutionPolicy Unrestricted "
  3. Then run the "setup.ps1" from the correct folder matching your OS.
  4. The script will install IIS, Enable Windows Authentication & set permissions.
  5. Once deployed verify that the site and file are accessible from clients on your network in the format: http://servername/securlysso/securlysso.aspx

No dots (No FQDN) can be used in the IIS server path.

Enable AD SSO in the Securly UI

  1. Login to you Securly UI
  2. Navigate to Policy Editor > Global Settings > Enable Active Directory SSO
  3. Check the checkbox for Enable Active Directory SSO. This will open the intranet address field.
  4. Input your intranet address and click the + sign
  5. Input your Active Directory Domain and your Google App domain

 

Note that if you have several G Suite domains you may enter multiple mapping, but all should point to your Active Directory domain.

Have more questions? Submit a request

Comments