This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

ADFS Single Sign On

jifflemon over 9 years ago

Has anyone implemented it and have a easy to follow guide? (the solarwinds one isn't really suitable for newbies!)

Top Replies

mcgeg over 9 years ago +1

I have set this up successfully. I would not follow the guide as it is missing some vital bits of information. You will notice that in the release notes of the new forthcoming version that there is improvements…

0 filip.nespor over 9 years ago

We don't have it implemented in our internal WHD at SolarWinds, because almost 80-90% employees open tickets by sending email.
However, nice article how to set it up is here: http://knowledgebase.solarwinds.com/kb/questions/4204/How+To+Configure+Single+Sign+On+For+Web+Help+Desk+Using+Active+Directory+Federation+Services
Regards,
Filip Nespor
IT department
Cancel
Vote Up 0 Vote Down

Cancel
0 mcgeg over 9 years ago

I have set this up successfully.
I would not follow the guide as it is missing some vital bits of information.
You will notice that in the release notes of the new forthcoming version that there is improvements to the ADFS documentation - this is down to some work I did with their support desk to get ADFS working.
I would perhaps wait until that is released
Cancel
Vote Up +1 Vote Down

Cancel
0 jifflemon over 9 years ago in reply to filip.nespor

We're trying to avoid users logging by email and so, want to improve the experience by having single sign on so there's one less password entry box for users.
The guide is good but seems to be missing info.
Cancel
Vote Up 0 Vote Down

Cancel
0 jifflemon over 9 years ago in reply to mcgeg

Ah.... That's what I was looking for! I'm guessing my options are:
1) storm in then raise a support call to have them fix the implementation
2) wait for the new release
Can anyone from Solarwinds comment on release schedule?
Cancel
Vote Up 0 Vote Down

Cancel
0 conners over 9 years ago

Two big things when doing the ADFS SSO thing is you need WHD setup for SSL and only using the HTTPS port and if
installing ADFS on anything below Win server 2012 is download ADFS 2.0 from MS as the role on 2008R2 is for ADFS 1.0
which isn't SAML 2.0 compatible.
When creating the RP trust use the metadata provided by WHD, and once it is created change the Secure hash algorithm
to SHA1 and then create a claim rule using LDAP attributes with SamAccountName to NameID.
Also make sure on the /adfs/ and /adfs/ls/ sites have windows auth enabled.
Cancel
Vote Up 0 Vote Down

Cancel
0 jifflemon over 9 years ago in reply to conners

Helpdesk is already running on HTTPS and the ADFS server is 2012 R2.
I've tried importing the metadata for the RP via the URL https://helpdesk.domain.com/helpdesk/WebObjects/Helpdesk.woa (obviously replacing domain.com) but get an error saying that the file can't be found.
Cancel
Vote Up 0 Vote Down

Cancel
0 conners over 9 years ago in reply to jifflemon

You need /ra/saml/metadata.xml on the end of that URL and you have to have switch the auth over the SAML 2.0 inside WHD
Cancel
Vote Up 0 Vote Down

Cancel