After you create the IdP configuration document for Nomad federated login and export the ServiceProvider.xml file, set up a relying party trust in your IdP by importing the ServiceProvider.xml file into it.
About this task
The steps vary by IdP. The following procedure provides an example for Active Directory Federation Services (ADFS) 4.0.
Procedure
1. From ADFS, select Start -> Server Manager -> AD FS Management.
2. Navigate to the Relying Party Trusts folder.
3. Select Action -> Add Relying Party Trust.
4. Click Start to run the Add Relying Party Trust wizard.
5. Under Welcome, select Claims-aware.
6. In the Select Data Source window, select Import data about the relying party from a file, and select the ServiceProvider.xml file that you exported from the IdP configuration document. Then, click Next. Items imported from the .xml file are shown. You can edit these items.
8. Right-click the name of the Relying Party Trust that you created, and select Edit Claims Issuance Policy.
9. In the Edit Claims Rules dialog, click Add Rule.
10. In the Select Rule Template dialog, for Choose Rule Type, select Send LDAP Attributes as Claims, and click Next.
11. Complete the Configure Rule dialog box:
b. For Attribute store, select Active Directory.
c. For LDAP Attribute, select E-Mail-Addresses.
d. For Outgoing Claim Type, select Name ID.
e. Click Finish.
13. In the AD FS Trust Relationships -> Relying Party Trusts folder:
b. Click the Endpoints tab.
c. For SAML Assertion Consumer Endpoints, verify that there is a REDIRECT binding URL for the Nomad Safelinx server. In addition, if there is an Artifact binding URL, remove it.
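A pre-import check for the endpoint verification in step 13c, as an added example that is not part of the product documentation: it lists the assertion consumer endpoints in ServiceProvider.xml and reports a missing REDIRECT binding or a present Artifact binding. It assumes the file is standard SAML 2.0 metadata; the sample XML, the host `safelinx.example.com`, the `/acs-placeholder` path and the function name `audit_acs` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

ACS_TAG = "{urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService"
BINDING_PREFIX = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample metadata; host and path are placeholders, not real Nomad values.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://safelinx.example.com">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://safelinx.example.com/acs-placeholder"/>
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
        Location="https://safelinx.example.com/acs-placeholder"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def audit_acs(metadata_xml, safelinx_host):
    """Return (endpoints, findings) for the ACS entries in SP metadata."""
    # SAML metadata has no reason to carry a DTD; refuse it rather than parse entities.
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("DOCTYPE not expected in SAML metadata")
    root = ET.fromstring(metadata_xml)
    endpoints = []
    for el in root.iter(ACS_TAG):
        binding = el.get("Binding", "")
        if binding.startswith(BINDING_PREFIX):
            binding = binding[len(BINDING_PREFIX):]
        endpoints.append((binding, el.get("Location", "")))

    findings = []
    # Step 13c, first check: a REDIRECT binding URL that points at the Safelinx host.
    if not any(b == "HTTP-Redirect"
               and (urlsplit(loc).hostname or "").lower() == safelinx_host.lower()
               for b, loc in endpoints):
        findings.append(f"no REDIRECT binding URL for {safelinx_host}")
    # Step 13c, second check: any Artifact binding URL should be removed.
    for b, loc in endpoints:
        if b == "HTTP-Artifact":
            findings.append(f"Artifact binding URL present, remove it: {loc}")
    return endpoints, findings


if __name__ == "__main__":
    for finding in audit_acs(SAMPLE, "safelinx.example.com")[1]:
        print(finding)
```

Because imported items can be edited in the wizard, the Endpoints tab in ADFS remains the authoritative view after import.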
Complete the procedure Enabling Nomad federated login.
Parent topic: Nomad federated login