Summary


Yes Cloud Drive Mapper supports single sign-on (SSO). IAM Cloud supports both ADAL and FedAuth tokens, which means it can support a wide range of authentication and single sign-on providers, including:

  • ADFS*
  • Azure AD Passthrough (ADAL)
  • IAM Cloud
  • Okta (ADAL)
  • OneLogin (ADAL)
  • RM Unify (ADAL)
  • PingID (ADAL)
  • VMWare Identity Manager (ADAL)
  • Plus a wide range of others that support the industry standard ADAL and FedAuth protocols.


Please note that if you want to set-up Cloud Drive Mapper with any of the ADAL-based providers above, you'll need to set an additional registry key as follows:

Reg Key ( String ) :- UseADAL 
Value = True


reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f

reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f


* Please note with ADFS + MFA: If you want to use Azure MFA (or another MFA provider) with ADFS, you will also need to enable ADAL as above. However, if you have no MFA in place, then Cloud Drive Mapper will just work with ADFS with no additional configuration or registry changes. 




ADFS UPN & Email Mismatch


If your ADFS is using Windows Integrated Auth then Cloud Drive Mapper will identify this and automatically set-up the Single Sign On. However if the email address and UPN are different will you need to add two registry keys. 





The full list of registry settings for Cloud Drive Mapper are available on page 22 of our deployment guide.




Creating a seamless user experience without an SSO service


Credential Manager

If there is no SSO in place and login credentials are required for the user to access Office 365, Cloud Drive Mapper will request the credentials to sign-in to the user's drives. Once these credentials are collected Cloud Drive Mapper will by default try to save them in the credential manager. This means that they will be securely saved in the Windows profile for that user, and mean the next time they sign-in they will not need to provide their credentials again. 


Password Secure File

However, if the credential manager is disabled or unviable for users, Cloud Drive Mapper can also save the Office 365 in a hashed secure file that it saves to a specified location on your corporate network. This would likely be a home-drive. Whenever a user logs in to a machine on your network, Cloud Drive Mapper will activate and securely pull the credentials from the user's local Home Drive, and use them to authenticate with Office 365 to be able to map the drives. This gives the effect of single sign-on, without the need for a full federation service. To activate this feature, please see our deployment guide. 




If you need any assistance please do not hesitate to contact our Technical Support Team:


Support Portal: http://support.iamcloud.com

Email us: support@iamcloud.com

Phone (UK): +44 118 324 0000

Phone (US): +1 914 495 1298