We don't have it implemented in our internal WHD at SolarWinds, because almost 80-90% employees open tickets by sending email.
However, nice article how to set it up is here: http://knowledgebase.solarwinds.com/kb/questions/4204/How+To+Configure+Single+Sign+On+For+Web+Help+Desk+Using+Active+Directory+Federation+Services
We're trying to avoid users logging by email and so, want to improve the experience by having single sign on so there's one less password entry box for users.
The guide is good but seems to be missing info.
1 of 1 people found this helpful
I have set this up successfully.
I would not follow the guide as it is missing some vital bits of information.
You will notice that in the release notes of the new forthcoming version that there is improvements to the ADFS documentation - this is down to some work I did with their support desk to get ADFS working.
I would perhaps wait until that is released
Ah.... That's what I was looking for! I'm guessing my options are:
1) storm in then raise a support call to have them fix the implementation
2) wait for the new release
Can anyone from Solarwinds comment on release schedule?
Two big things when doing the ADFS SSO thing is you need WHD setup for SSL and only using the HTTPS port and if
installing ADFS on anything below Win server 2012 is download ADFS 2.0 from MS as the role on 2008R2 is for ADFS 1.0
which isn't SAML 2.0 compatible.
When creating the RP trust use the metadata provided by WHD, and once it is created change the Secure hash algorithm
to SHA1 and then create a claim rule using LDAP attributes with SamAccountName to NameID.
Also make sure on the /adfs/ and /adfs/ls/ sites have windows auth enabled.
Helpdesk is already running on HTTPS and the ADFS server is 2012 R2.
I've tried importing the metadata for the RP via the URL https://helpdesk.domain.com/helpdesk/WebObjects/Helpdesk.woa (obviously replacing domain.com) but get an error saying that the file can't be found.