Configure federation using SAML (ADFS 2.0) by following the steps below:
1. To initialize the configuration process, open a support ticket with the ValueBlue support team and provide the following details:
- Your ADFS federation metadata URL, which should be something like: https://adfs.mydomain.com/federationmetadata/2007-06/federationmetadata.xml
- The domain name used to log in to your Active Directory domain, for example: myowndomain.nl or myactivedirectorydomain.local.
- Your BlueDolphin site URL
- Your logo in .png format (makes it easier to distinguish SSO from other types of authentication)
- The method to use (OpenID or SAML)
2. The ValueBlue Support team will create a federation metadata endpoint for you based on this information and send you the URL of this endpoint (this value will be referred to as %bdfederationmetadataurl%). You will need this URL to set up the relying party trust.
3. In Server Manager, select Tools, and then select ADFS Management.
4. Select Add Relying Party Trust.
5. On the Welcome page, choose Claims aware, and then click Start.
6. On the Select Data Source page, select Import data about the relying party published online or on a local network, provide the following metadata URL, and then click Next.
- When asked for the relying party's federation metadata URL, enter the %bdfederationmetadataurl% value you received from BlueDolphin support.
7. On the Specify Display Name page, enter a Display name. Under Notes, enter a description for this relying party trust, and then click Next.
8. On the Choose Access Control Policy page, select a policy, and then click Next.
9. On the Ready to Add Trust page, review the settings, and then click Next to save your relying party trust information.
10. On the Finish page, click Close. This action automatically displays the Edit Claim Rules dialog box.
11. Select Add Rule.
12. In Claim rule template, select Send LDAP attributes as claims.
13. Provide a Claim rule name. For the Attribute store, select Active Directory, add the following claims, then click Finish and OK.
14. Based on your certificate type, you may need to set the hash algorithm. In the relying party trust properties window, select the Advanced tab, change the Secure hash algorithm to SHA-256, and click OK.
15. In Server Manager, select Tools, and then select ADFS Management.
16. Select the relying party trust you created, select Update from Federation Metadata, and then click Update.
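To confirm the result of the steps above, the following PowerShell check (an added example, not part of the original ValueBlue instructions) reads the relying party trust back and flags settings that differ from what this procedure configures. It assumes it is run on the AD FS server with the ADFS PowerShell module available; $TrustName and $ExpectedMetadataUrl are placeholders for your Display name from step 7 and your %bdfederationmetadataurl% value.

```powershell
# Added example: post-configuration check of the relying party trust.
# Placeholders (assumptions): replace with the Display name from step 7 and
# the %bdfederationmetadataurl% value received from support in step 2.
$TrustName           = 'BlueDolphin'
$ExpectedMetadataUrl = 'https://example.invalid/federationmetadata.xml'
$Sha256Uri           = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'

$trust = Get-AdfsRelyingPartyTrust -Name $TrustName
if (-not $trust) { throw "Relying party trust '$TrustName' was not found." }

$findings = @()

if (-not $trust.Enabled) {
    $findings += 'Trust exists but is disabled.'
}

# Step 14: the Secure hash algorithm should be SHA-256.
if ($trust.SignatureAlgorithm -ne $Sha256Uri) {
    $findings += "Secure hash algorithm is '$($trust.SignatureAlgorithm)', expected SHA-256."
}

# Step 6: the trust should point at the metadata URL you were sent, over HTTPS.
$metadataUrl = [string]$trust.MetadataUrl
if ($metadataUrl -ne $ExpectedMetadataUrl) {
    $findings += "Metadata URL is '$metadataUrl', expected '$ExpectedMetadataUrl'."
}
if ($metadataUrl -notlike 'https://*') {
    $findings += 'Metadata URL is not HTTPS; metadata could be altered in transit.'
}

# Steps 11-13: at least one issuance transform (claim) rule must exist.
if ([string]::IsNullOrWhiteSpace($trust.IssuanceTransformRules)) {
    $findings += 'No issuance transform rules; no claims will be sent.'
}

# Step 16: local settings should not conflict with the published metadata.
if ($trust.ConflictWithPublishedPolicy) {
    $findings += 'Local settings conflict with published metadata; run Update from Federation Metadata.'
}

if ($findings.Count -eq 0) {
    Write-Output "OK: '$TrustName' matches the expected configuration."
} else {
    $findings | ForEach-Object { Write-Warning $_ }
}

# Print the claim rules so they can be reviewed against the claims you added.
Write-Output $trust.IssuanceTransformRules
```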