ADFS integration
Paul B. Henson
henson at cpp.edu
Wed Aug 19 19:46:18 EDT 2015
> From: Misagh Moayyed
> Sent: Wednesday, August 19, 2015 1:30 PM
> To: 'Shib Users' <users at shibboleth.net>
> Subject: RE: ADFS integration
>
> We have used the following guide a number of times to integrate the Idp
> and ADFS:
> https://technet.microsoft.com/en-us/library/gg317734(v=ws.10).aspx
[...]> spot on the wiki, I can document what we did and have you review it.
Hmm, that looks like a more detailed version of what is already being discussed on the wiki page for ADFS v2, including the issue with having to interactively select the shibboleth IDP from the ADFS landing page (barring cookie insertion via an external load balancer).
> Note that this is with ADFS2. I am told that 3 makes this sort of thing a
> tad easier, though you do lose the option of modifying aspx files that
> would be buried in DLLs as resources should you ever need them.
My understanding is that we are running ADFS v3, and indeed unfortunately cannot simply tweak IIS to get rid of the interactivity. I asked our Windows guys to see if they could find any way to automatically pick shibboleth via some mechanism on the ADFS server itself, but so far no go.
Thanks...
--
Paul B. Henson | (909) 979-6361 | http://www.cpp.edu/~henson/
Operating Systems and Network Analyst | henson at cpp.edu
California State Polytechnic University | Pomona CA 91768
More information about the users
mailing list