How can we improve the SMA (K1000)?

Bug: Logout disables single sign on

Just recently upgraded to the 5.5 Single Sign on, and it's great! However, our users noticed that when they log out of the system, they cannot get single sign on to work again unless they fully close, then reopen, Internet Explorer. I worked with KACE support and they said the following, requesting that I post it here:

"It seems what is happening is that the token that gets created for SSO to work to log on initially isn't getting resubmitted until the browser is refreshed/re-opened. The ability to log back on without reopening the browser could be submitted as a feature request. "

18 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
Mark B shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

3 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Matt Bise commented  ·   ·  Flag as inappropriate

    We're running the newest version 6.4.120261 and are experiencing these issues as well. The workarounds mentioned above don't work for us.

    Strangely, this used to work for us.

  • Nate commented  ·   ·  Flag as inappropriate

    We are experiencing the same issue with 6.0, but first noticed it when our sessions reached the TIMEOUT limit and automatically log off.

    This results in the K1000 login screen appearing, which if a user has never seen this login before (as they would normally login automatically), they won’t have any idea how to login…resulting in calls to our Helpdesk.

    Clicking REFRESH in Internet Explorer doesn’t reinitiate the SSO session either, we have to actually navigate away from the admin page (https://K1000/admin) to the user portal page (https://k1000/) or vice versa, in order to re-establish the SSO. Completely exiting the Internet Browser and reopening the K1000 also works, but talk about a pain.

    What I'd like to see, is the K1000 detect if it is a SSO session, then disable log out button and the timeout option completely. After all, those options are really only applicable to users that login outside the domain. Or at the very least, have 2 different TIMEOUT options, one for a SSO session and one for manually typed credentials.

    We will be disabling SSO until this issue is addressed.

Feedback and Knowledge Base