If a client want to log in to the Appserver and transfer user data automatically (SSO), either from an embedded browser or any browser, then the AppServer must be accessible either from Local intranet or included in the list of Trusted sites.

If the PARTapplicationServer is not running with a "Local System account", but with a Service-Account, please note that the service requires ServicePrincipalName entries in the Active Directory in addition. On this see Section 3.4.3, “AppServer Configuration ”.