`Home `__ OpenStack-Ansible Installation Guide Configuring ADFS 3.0 as an identity provider ============================================ To install Active Directory Federation Services (ADFS): * `Prerequisites for ADFS from Microsoft Technet `_ * `ADFS installation procedure from Microsoft Technet `_ Configuring ADFS ~~~~~~~~~~~~~~~~ #. Ensure the ADFS Server trusts the service provider's (SP) keystone certificate. We recommend to have the ADFS CA (or a public CA) sign a certificate request for the keystone service. #. In the ADFS Management Console, choose ``Add Relying Party Trust``. #. Select ``Import data about the relying party published online or on a local network`` and enter the URL for the SP Metadata ( for example, ``https://:5000/Shibboleth.sso/Metadata``) .. note:: ADFS may give a warning message. The message states that ADFS skipped some of the content gathered from metadata because it is not supported by ADFS #. Continuing the wizard, select ``Permit all users to access this relying party``. #. In the ``Add Transform Claim Rule Wizard``, select ``Pass Through or Filter an Incoming Claim``. #. Name the rule (for example, ``Pass Through UPN``) and select the ``UPN`` Incoming claim type. #. Click :guilabel:`OK` to apply the rule and finalize the setup. References ~~~~~~~~~~ * http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx * http://blog.kloud.com.au/2013/08/14/powershell-deployment-of-web-application-proxy-and-adfs-in-under-10-minutes/ * https://ethernuno.wordpress.com/2014/04/20/install-adds-on-windows-server-2012-r2-with-powershell/ -------------- .. include:: navigation.txt