You need to add your ADFS server as a SAML Service Provider in your DualShield server.

In the DualShield Admin Console, select "SSO | Service Providers", then click "Create" on the toolbar.

Use the following settings:

| Field | Value |
| --- | --- |
| SSO Server | select the SSO server to which the ADFS will be connected, e.g. "Single Sign-On Server" |
| Application | select the application that you created for ADFS integration in the previous step |
| Name | enter a descriptive text |
| Type | select "SAML 2.0" |

Click the "Create Metadata" button

Copy the XML code block below and paste it into the metadata box.

<EntityDescriptor entityID="https://your-adfs-address/adfs/services/trust" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <SPSSODescriptor
      AuthnRequestsSigned="false"
      WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://your-adfs-address/adfs/ls/"/>
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://your-adfs-address/adfs/ls/" index="0" isDefault="true"/>
  </SPSSODescriptor>
</EntityDescriptor>

Replace every occurrence of "your-adfs-address" with the address of your ADFS server, e.g. adfs.deepnetmfa.com

Click the "Save" button to save the metadata.

Click the "Save" button again to create the new Service Provider.




