Knox SSO service prompting for Active Directory password in Knox Workspace

NOTE - Knox Workspace unlock using Active Directory (AD) will be deprecated in Knox v.3.4.1.



Knox Platform for Enterprise
Knox Workspace
Knox version 2.4 and newer



When the default lock type for the Knox Workspace container is used, the user is prompted for their AD credentials in Single Sign-on (SSO) authenticator once inside the container.


The regular default lock type for the Knox container cannot be used with SSO authentication.


In order to use only one password for the Knox container and SSO service, you must first:
  1. Install Samsung authenticator for Kerberos on the device.
  2. Create a Knox container and choose Enterprise ID as the lock type (you will not be able to change the lock type to Enterprise ID once the container is created).
  3. Enter your Active Directory credentials and any other required information.

With the above settings, you will be able to log in to the SSO service without entering your AD credentials.  The AD password will only be required to unlock the Knox container.