Create a Web logon procedure

1. Login to the DualShield Administration Console
2. In the main menu, select “Authentication > Logon Procedures”
3. Click the “+ CREATE” button on the toolbar, on the right
4. Enter a recognisable “Name” and select “Web SSO” as the Type
   
   
   
   
5. Click “SAVE”
6. Click the Context Menu icon of the newly created Logon Procedure, select “Logon Steps”
7. In the popup window, click the “+ ADD” button on the toolbar
8. Add the necessary Authentication methods here
   
   

Create a Web application

1. In the main menu, select “Authentication > Applications”
2. Click the “+ CREATE” button on the toolbar
3. Enter a recognisable “Name”
4. Select your internal “Realm”
5. Add the newly created Logon Procedure (from the previous step)
   
   
   
   
6. Click "Save" 
7. Click the context "..." menu of the newly created Application, then select "Agent" 
8. Select the "Single Sign-on Server (SSO Server)"
   
   
   
   
9. Click "Save"
10. Click the context "..." menu of the newly created Application, then select "Self Test" 
    
    

Download the DualShield IdP Metadata

1. In the main menu, navigate to " SSO > SSO Servers" 
2. Click the context "..." menu of "Single Sign-on Server (SSO Server") then select "Download Idp MetaData" .
   Note the Name and location of the XML file, saved locally.

In order to create a Service Provider for Splunk within DualShield - Next complete the "Splunk SAML Configuration"
Plus Download the Splunk Service Provider (SP) Metadata.


Create a Service Provider 

1. In the main menu, select " SSO | Service Providers" 
2. Click "Create"
3. Enter "Name", Select Type as "SAML 2.0"
4. Copy the content of Service Provider Metadata (SPMetadata.xml) into the "Metadata" field. 
   
   
   
   
5. Click Edit for Attribute and create a role attribute map to a fix value that match the name of the Splunk group for instance: admin
   
6. Select "User Principle Name" on NameID Fromat drop down list.