I am attempting to get SSO working for WebHelpDesk using ADFS 2.0 and I am unable to get the authentication to work properly.
Information about our setup:
WebHelpDesk 12.0.0 Hotfix 1
WebHelpDesk Server is encrypted with a SSL Certificate from GoDaddy
ADFS Server is encrypted with a SSL Certificate from GoDaddy
When anyone accesses the WebHelpDesk, it redirects them to our ADFS Server correctly, appears to authenticate them correctly, but when it passes the token back to WebHelpDesk, they are not logged in. They are presented with a standard WebHelpDesk login screen.
As of now, I have the "Signature" for the RP settings using the "ADFS Signing" certificate generated by the ADFS Server. The "Encryption" for the RP Settings is using the SSL Certificate from GoDaddy that is securing the IIS website and the "Service Communications".
The WebHelpDesk is using the "ADFS Signing" certificate generated by the ADFS Server.
Because the WebHelpDesk is redirecting users to the ADFS Server which appears to be authenticating correctly, I believe my issue lies somewhere with the Token-Signing & Token-Decrypting Certificates but I am not 100% sure of that.
Any help would be GREATLY appreciated.
Try the following:
1. Do not set anything in the Signature nor Encryption tabs of the RP settings
2. In your ADFS server, export the "Token-signing" certificate and use that for the Verification certificate in "Setup > General > Authentication"
Then for the logout if you'd like to use that too:
0. open ADFS Managment
1. Click on Relying Party Trust
2. Select your WHD Relying Party Trust (in your case, ihelp)
3. Select Endpoint tab
4. Add new one
5. Select SAML Logout; POST; URL "https://<ADFS_Server_IP/domain_name>/adfs/ls/?wa=wsignout1.0" and Save changes.
Use the same logout URL in WHD.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.