techsnapshots

Manual Relying Party trust on ADFS V3

Posted by techsnapshots on September 16, 2015


This post shows how to manually configure a relying party (service provider) trust on the ADFS side. Here ADFS acts as the identity provider.

Open the ADFS V3 snap-in.

Right-click Relying Party Trusts and choose to enter the relying party data manually.

Provide a display name and, if required, notes.

Certificates are already installed by the initial ADFS setup. Click Next.

Select the option to enable support for SAML.

Provide the relying party (SP) trust identifier link and click Add.

Permit all users, click Next, and then click Finish.

Cross-check that the identifier link is visible.

Provide the SP endpoint type.

Add claims. Here the attribute store is Active Directory.

If you include Name ID as a claim, you need to customize the claim rule. Click Edit Rule and enter the following value in the custom rule box:

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"]
=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");

Check that the ADFS trust is working by opening your IdP-initiated sign-on link as shown below, replacing “yourcorpsite” with the name of your ADFS corp site:

https://sts.yourcorpsite.com/adfs/ls/IdpInitiatedSignon.aspx
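
The same trust can be created and cross-checked from the ADFS PowerShell module on the ADFS V3 server. This is an added example, not part of the original post; the display name, identifier, assertion consumer URL, POST binding and the mail attribute rule are assumed placeholder values.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# All values below are constructed placeholders; use your service provider's own.
$name       = 'Example SP'
$identifier = 'https://sp.example.com/saml/metadata'   # SP trust identifier
$acsUrl     = 'https://sp.example.com/saml/acs'        # SP assertion consumer URL

# SP endpoint type: SAML assertion consumer (POST binding is an assumption).
$endpoint = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' `
    -Uri $acsUrl -Index 0 -IsDefault $true

# Authorization rule matching the "permit all users" choice in the wizard.
$authRules = @'
@RuleName = "Permit all users"
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

# Claim rules: one Active Directory attribute (mail, assumed) plus the
# Name ID transform from the post.
$transformRules = @'
@RuleName = "AD attributes"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"), query = ";mail;{0}", param = c.Value);

@RuleName = "Name ID"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
'@

Add-AdfsRelyingPartyTrust -Name $name -Notes 'Created manually' `
    -Identifier $identifier -SamlEndpoint $endpoint `
    -IssuanceAuthorizationRules $authRules `
    -IssuanceTransformRules $transformRules

# Cross-check: the identifier, endpoint and rules are what was intended.
$rp = Get-AdfsRelyingPartyTrust -Identifier $identifier
if (-not $rp) { throw "Relying party trust '$identifier' was not created." }
$rp | Format-List Name, Enabled, Identifier
$rp.SamlEndpoints | Format-Table Protocol, Binding, Location, IsDefault
$rp.IssuanceAuthorizationRules
$rp.IssuanceTransformRules
```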

Please comment if you find this post helpful or have any suggestions.

Thank you!
