ADFS setup for single-sign-on
This is a continuation of our single-sign-on guide.
ADFS configuration
1. Go to the ADFS server and open ADFS Management.
2. Click on Add Relying Party Trust.
3. Click Next.
4. Select the Enter data... option.
5. Set the Display name.
6. Select Enable SAML 2.0 protocol and insert the Single Sign On URL from step 2 in GpsGate Setup.
Change “http” to “https”, because ADFS supports only HTTPS.
Example: something like https://yourserver.com/saml/login.aspx?adfsid=ID
7. Insert the URL that looks like https://yourserver.com/saml/login.aspx
8. Click on the Add button.
9. Select Permit everyone.
10. In the newly opened window, Edit Claim Issuance Policy for..., add a new rule.
11. Select Send LDAP Attributes as Claims.
12. Set the Claim rule name.
Select Active Directory for Attribute Store.
Select ‘SAM-Account-Name’ for ‘LDAP Attribute’ and ‘Name ID’ for ‘Outgoing Claim Type’.
13. Now we can continue from Single Sign On setup > step 6, entering the credentials generated at this point.