To add your ADFS server as a SAML Service Provider in your DualShield server, follow steps below.
In the DualShield Admin Console, select "SSO | Service Providers", then click "Create" on the toolbar.
Use the following settings:
| Option | Value |
|---|---|
| SSO Server | select the SSO server to which the ADFS will be connected, e.g."Single Sign-On Server" |
| Application | select the application that you created for ADFS integration in the previous step, e.g. "ADFS" |
| Name | enter a descriptive text as the name of the service provider to be created, e.g. "ADFS" |
| Type | select "SAML 2.0" |
| NameID Format | |
| Sign on SAML Assertion |
|
| Add "InResponseTo" |
|
Click the "Create Metadata" button
Copy the XML code block below and paste into the metadata box.
<EntityDescriptor entityID="http://your-adfs-address/adfs/services/trust" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://your-adfs-address/adfs/ls/"/> |
|---|
Replace "your-adfs-address" with the address of your ADFS server, e.g: adfs.deepnetmfa.com
Click the "Save" button to save the metadata.
Click the "Save" button again to create the new Service Provider.
