ADFS setup for single-sign-on
ADFS (Active Directory Federation Services) is a Microsoft component that runs on Windows Server and provides single-sign-on access to systems and applications. You can read more about this here.
In this guide we will describe how to set this component up.
This is a continuation of our single-sign-on guide.
1. Go to the ADFS server and open ADFS Management.
2. Click on Add Relying Party Trust.
3. Click Next.
4. Select the Enter data... option.
5. Set the Display name.
6. Select Enable SAML 2.0 protocol and insert the Single Sign On URL from step 2 in GpsGate Setup.
Change “http” to “https”, because ADFS supports only HTTPS.
Example: something like https://yourserver.com/saml/login.aspx?adfsid=ID
7. Insert the URL that looks like https://yourserver.com/saml/login.aspx
8. Click on the Add button.
9. Select Permit everyone.
10. In the newly opened window, Edit Claim Issuance Policy for..., add a new rule.
11. Select Send LDAP Attributes as Claims.
12. Set the Claim rule name.
Select Active Directory for Attribute Store.
Select ‘SAM-Account-Name’ for ‘LDAP Attribute’ and ‘Name ID’ for ‘Outgoing Claim Type’.
13. Now we can continue to step 2 of the single-sign-on guide.