The OAM has a feature which enables Microsoft Internet Explorer users to automatically authenticate to their Web applications using their desktop credentials. This is known as WINDOWS Native Authentication.

• user logs in to the desktop MACHINE, and local authentication is completed using the Windows Domain Administrator authentication scheme.
• The user opens an Internet Explorer (IE) browser and requests an Access System-protected Web resource.
• The browser notes the local authentication and sends a token to the IIS Web server.
• The IIS Web server uses the token to authenticate the user and set up the REMOTE_USER HTTP header variable that specifies the user name supplied by the client and authenticated by the server.
• The WebGate installed on the IIS Web server uses the hidden feature of EXTERNAL authentication to get the REMOTE_USER header variable value and map it to a DN for the ObSSOCookie generation and AUTHORIZATION.
• The WebGate creates an ObSSOCookie and sends it back to the browser.
• The Access System authorization and other processes proceed as usual.
• The maximum session timeout period configured for the WebGate is applicable to the generated ObSSOCookie.

The OAM has a feature which enables Microsoft Internet Explorer users to automatically authenticate to their Web applications using their desktop credentials. This is known as Windows Native Authentication.