Create a plist file that specifies the claimed domain to which the user is redirected.
Last updated on
Dec 13, 2022
Applies to:
- Persona: System Administrator
- OS: macOS and Windows
- Device: Company-owned desktop machines
- Surface: Latest Version of Creative Cloud & Acrobat Pro desktop applications
Currently does not support:
- Web services (such as Adobe Sign, Adobe Assets, Adobe Libraries)
- Mobile Applications
- Acrobat Reader
- Dreamweaver
Overview
Enterprise level configuration setting enables organizations to configure the authentication mechanism for Creative Cloud Desktop Applications including Acrobat Pro Desktop. The feature is intended to be combined with the company’s device deployment mechanism. Using this configuration, you can ensure that when your users sign in, they are automatically re-directed to the companies’ IDP with the claimed domain.
Note:
To enable this functionality, a company will need to claim the domain on the Adobe Admin Console. Also, a company may claim multiple domains, but a policy must resolve to a single claimed domain on a given machine. If you have claimed multiple domains, you may choose to redirect different users to different domains.
Benefits of customizing authentication choices
Configuring your organization's authentication settings can benefit you in the following ways:
Automatically redirect users to companies’ identity provider at app launch for domains claimed in the Admin Console
Restrict sign-in with Organizational IDs only
Remove Social Sign-In options from the Authentication screen
Configure device for Enterprise Device Authentication Management
To configure Enterprise Device Authentication Management for a device in your organization perform the following steps (based on the OS of the device)
macOS
-
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AuthInfo</key> <dict> <key>login_domain</key> <string>@<your claimed domain> </string> </dict> </dict> </plist> -
Place the plist file in the following location on the device:
/Library/Preferences/com.adobe.NGL.AuthInfo.plist
-
Restart the Creative Cloud desktop app.
To do this, we recommend that you restart the device.
Windows
-
Open Windows Registry Editor.
Press Windows + R, type regedit and press Enter.
-
Navigate to the following location:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\
-
Add a key – NGL.
-
Within NGL, add another key – AuthInfo.
-
Within AuthInfo, create a string value:
Name: login_domain
Value: The name the claimed domain to which the user is redirected.
-
Restart the Creative Cloud desktop app.
To do this, we recommend that you restart the device.
Known issue
After you have configured a device, if a user signs out of the Creative Cloud desktop app, the user is unable to close the Sign-in modal.
Resolution
Adobe will release a fix for this issue in the next release of the Creative Cloud desktop app. For now, you can close the app, by choosing File > Close.
Common questions
No. This configuration does not impact trust relationships.
No. Users must authenticate with a Federated ID account.
This configuration will not work if browser-based login is configured by the admin.
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online