Skip to main content
Planview Customer Success Center

Installing SSO using ISAPI (HTTPS optional)

Pre-installation steps for SSO

Before you begin, you must perform the Pre-installation steps for Single sign-on (SSO).

WARNING: This SSO implementation does not support the Changepoint Mobile app and should only be used for Changepoint when no other options are available.

Collect configuration parameters

Determine the actual values for the following items. They are used as replacement parameters during configuration.

Parameter

Description

Enterprise_URI

The domain identifier that you use for , for example:

https://changepoint.abc.corp

Enterprise_Path

The location of the web application files.

Default: <cp_root>\Enterprise\

ReportDesigner_URI

The domain identifier that you use for Report Designer, for example:

https://reportdesigner.abc.corp

ReportDesigner_Path

The location of the Report Designer application files.

Default: <cp_root>\ReportDesigner\

RequireHTTPS

Require HTTPS (True/False)

Default: False.

Changepoint_RSA_Cookie_Transform

The name of the certificate that you use for Cookie encryption.

Default: the "CN=ChangepointCookieCertificate" Certificate Name.

Enterprise_SigningCertificate_Name

The name of the certificate that you use for signing messages.

Default: the "CN=ChangepointSigningCertificate" Certificate Name.

Enterprise_SigningCertificate_Thumbprint

The thumbprint of the certificate that you use for signing messages.

Default: "78794E4FF1BB0F5D9A53DC7B8C0B799A1FBC1BB5"

ISAPI_Mode

The ISAPI mode

Default: NT

ISAPI_Header

The header used when ISAPI_Mode is "HEADER", for example:

blank

Create application

  1. In IIS, under Enterprise, convert the RP-STS_ISAPI folder to an application:
    • Alias name: RP-STS_ISAPI
    • Physical path:

      \<cp_root>\Enterprise\RP-STS_ISAPI

    • Authentication: Only Windows Authentication
    • Application pool: Application Pool
  2. Add Default.aspx to the Default Documents for the application.

Execute configuration scripts

  1. Open a PowerShell prompt.

    If the server has User Account Control enabled, you must open the PowerShell prompt using elevated administrator permissions.

  2. Navigate to the configuration directory, default:

    <cp_common>\Configuration\Enterprise

  3. Execute:

    ./Configuration_SSO_ISAPI.ps1

  4. Follow the prompts.
  5. Navigate to the Report Designer configuration directory, default:

    <cp_common/Configuration/ReportDesigner

  6. Execute:

    ./Configuration_SSO_ISAPI.ps1

  7. Follow the prompts.