Enabling SAML

hpstech

I've read all the docs, AE's guide, and seem to have a good understanding of the process.

But, I'm wondering if anyone had issues with F5 SAML/SSO setup?

Any pitfalls?

I've never enabled SSO/SAML so I just want our F5 SME to feel comfortable with whatever kind of roadmap I can provide.

Am I overthinking this? It is easy?

Without a test environment its hard to feel confident making such a significant change - and, with very strict change control, I'm sort of unsure on a specific step by step guide for CAB.

Thanks for any thoughts.

vinay.by

Firstly I am assuming you are talking about integrating SAML with SolarWinds NPM for user authentication. 

1. What's the max that can happen ? I understand you don't have a test environment. 

2. Say suppose you integrate NPM with which ever SAML mechanism, you import the SAM authentication certificate, then you create SAML groups in SolarWinds and it doesn't work - you can easily revert back to the previous state - just make sure your SolarWinds application local admin account is working before you integrate it with SAML.

3. I am sure you know the advantages of SSO/SAML be is password less authentication, password rotation policy, user controls etc etc - Give it a shot, you wont break anything be it production/test.

Hope this helps.