|Issue 131729:||Automatic Active Directory SSO|
|3 people starred this issue and may be notified of changes.||Back to list|
Version of Google Chrome: 19 Version of MSI:19 Using group policy settings? Yes Chrome needs to be able to detect when its running on a user account thats on a Windows Active Directory Domain without the use of google third party applications and software so that the email address and password specified for that user is used automatically to log users into their google account without the user having to input their gmail address and password,this should be done even if Google Apps are not used so that users who have a @gmail.com address can still see the benefits without any other sofyware to install. Chrome could first check the user account to see if its on a domain or not if so then check the email field on the users AD entry and if @ gmail.com is used then chrome tries to login to gmail account with the same password as AD if their isnt a @gmail or the password doesnt correspond with the @gmail.com account then chrome should ignore this and operate as before.
Jun 7, 2012
This would mean that the AD would have to have passwords sync'ed with Google Apps. Which may not be a big deal, I guess. We've discussed this idea recently. Adding others who are interested in this... is there a duplicate bug to this, or should we start tracking this behavior?
Cc: email@example.com firstname.lastname@example.org
Jun 7, 2012
Passwords could be synced with AD and Google accounts with a server component instead of users installing software, server software could be installed so that @gmail.com users can have this feature and not just Google Apps users. I dont think their is a duplicate for this issue if so could they possibly be migrated together.
Jun 8, 2012
Note that AFAIK, there's now way to get the raw AD login password for the current user (that would be a major security disaster). We've discussed who to get SSO going internally before, and one promising solution is to do a Kerberos handshake (assuming you've enabled your Google Apps domain for SAML).
Mar 10, 2013
(No comment was entered for this change.)
Labels: -Feature-Enterprise Cr-Enterprise
Mar 26, 2014
Interesting integration idea with AD to do Chrome SSO, although not sure how that works with multi-profile.
Labels: -Type-Bug Type-Feature
|► Sign in to add a comment|