Configuring ADFS SAML SSO for Active Directory (AD) and LDAP (Customer Portal) - Server 2008/2012

Updated: 02/01/2022
Article #: 254


Note: To configure Cayzu's ADFS SAML SSO, your ADFS must be installed properly according to Microsoft's blog.

 

1. Open ADFS Management under Server Manager > Tools.

 

2. Open Trust Relationships, right-click Relying Party Trusts, choose Add Relying Party Trust, and click Start.

 

 

3. Choose Enter data about the relying party manually and click Next

 

 

4. Enter a suitable Display name and click Next

 

 

5. Click Next twice to skip to the next required screen, which is "Configure URL".

 

6. On the Configure URL screen, set the "Relying party SAML 2.0 SSO service URL" to: https://<your Cayzu end-user support portal address>/Account/SamlSsoLoginRespond

 

Example: https://support.bonko.com/Account/SamlSsoLoginRespond

 

 

7. Add cayzu as a Relying party trust identifier.

 

 

8. Click 'Next' on the following three screens.

 

9. Check the box "Open the Edit Claim Rules dialog for this relying party trust when the wizard closes" and click Close.

 

 

 

10. Create the following rule based on the “Send LDAP Attributes as Claims” template, and use the values described below for the mapping:

“E-Mail-Addresses” <--> “E-Mail-Addresses” or “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress”

“Given-Name” <--> “Given-Name” or “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname”

“Surname” <--> “Surname” or “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname”

“Telephone-Number” <--> “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/telephonenumber”

 

11. Create the following rule based on “Transform an Incoming Claim”

 

 

 

12. Click on Service > Certificates and right-click the Token Signing Certificate to view the certificate.

 

 

 

13. Click on the 'Details' tab in the Certificate dialog box. Click on 'Copy to File'. In the resulting Certificate Export Wizard window, choose 'Base-64 encoded X.509 (.CER)' and then click Next.

 

14. Log in to your Cayzu Agent Portal with an Administrative account and click Admin (left side menu) to access the Admin section.

 

15. Click Single Sign On (End-User) and fill in the required information:

 

 

SAML Login URL: https://<your ADFS server host name>/adfs/ls

Remote Logout URL: Can be any URL that you wish

Certificate: The certificate you saved in the previous steps.

 

 

16. You're now all set. To test it out, go to your End-user portal URL and click SSO Sign IN.
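
The certificate exported in step 13 and pasted in step 15 is what Cayzu uses to verify every signed assertion, so it is worth confirming that the file matches the certificate ADFS is actually signing with and that it is not close to expiry. The following PowerShell check is an added example, not part of the original article or Cayzu's tooling; the file path and the 60-day warning threshold are assumed values.

```powershell
# Added example. Run on the ADFS server in an elevated PowerShell session.
# Assumed values (not from the article): $CerPath and $WarnDays.
$CerPath  = 'C:\Temp\adfs-token-signing.cer'   # file saved in step 13
$WarnDays = 60                                 # warn when expiry is this close

# Server 2012 ships the ADFS module. On ADFS 2.0 (Server 2008 R2) load the
# snap-in instead:  Add-PSSnapin Microsoft.Adfs.PowerShell
Import-Module ADFS -ErrorAction Stop

# Load the exported Base-64 .CER file (public certificate only).
$exported = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CerPath

# Token-signing certificates ADFS currently holds; the primary one signs assertions.
$signing       = @(Get-AdfsCertificate -CertificateType Token-Signing)
$primaryThumbs = @($signing | Where-Object { $_.IsPrimary } | ForEach-Object { $_.Thumbprint })

"Exported file : {0}  expires {1:u}" -f $exported.Thumbprint, $exported.NotAfter
foreach ($c in $signing) {
    "ADFS signing  : {0}  primary={1}  expires {2:u}" -f $c.Thumbprint, $c.IsPrimary, $c.Certificate.NotAfter
}

# 1. The file given to Cayzu must be the certificate ADFS signs with today.
if ($primaryThumbs -notcontains $exported.Thumbprint) {
    Write-Warning 'Exported file is NOT the primary token-signing certificate; assertions will fail signature validation.'
}

# 2. An expired signing certificate breaks SSO for every portal user.
$daysLeft = ($exported.NotAfter - (Get-Date)).Days
if ($daysLeft -lt $WarnDays) {
    Write-Warning "Exported certificate expires in $daysLeft day(s); plan to upload its replacement to Cayzu."
}

# 3. With automatic rollover, ADFS replaces the signing certificate on its own
#    schedule, and the copy stored in Cayzu then has to be updated by hand.
if ((Get-AdfsProperties).AutoCertificateRollover) {
    Write-Warning 'AutoCertificateRollover is enabled; re-export and re-upload the certificate after each rollover.'
}
```

Running this again after any certificate change on the ADFS server shows whether the copy stored in Cayzu is still the one in use.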

 

 

 
