Single sign-on

Active Directory is set for end of life 2024-12-31 in favour of Azure AD.

If single sign-on is to be used, a Service Provider Name (SPN) for Lime CRM Server must be set in Active Directory.

To do this, run the following commands in a command prompt as a user with Domain Administrator privileges (from any computer inside the domain):

setspn -s lime/<hostname> <domain>\<serviceaccount>
setspn -s lime/<fully qualified hostname> <domain>\<serviceaccount>

If you use a DNS-name as your servername when you login, you must run setspn with the DNS-name as hostname (without the https://), e.g. lime.mydomain.com

You can check current settings using:

setspn -l <domain>\<serviceaccount>