So we are rolling out Starling MFA company wide very soon, were doing a pilot currently.
We already stood up CAM and integrated it with Starling, and we have our O365 tenant federated with CAM and Service-Now.
So far with the pilot group, people are getting hit with MFA a dozen or more times a day, from Service-Now specifically.
Every time it refreshes it prompts for MFA again. It skips the username and password because we have kerberos auth enabled from the CAM side.
Which brings me here to ask:
What are the recommended Internet Settings for this? Trusted Sites vs intranet, do we turn on cross domain scripting, what other settings can i set via GPO to give our users the best possible experience with Starling +CAM?
I couldn't find anything, anywhere else, so any help?
I figured this would be something One Identity provides, or has available, so maybe i couldn't find it. But if it doesn't exist I would like to ask One Identity for a some assistance in this.