71554ca7cf
As per discussion in the OSA docs summit session, clean up of installation guide. This fixes typos, minor RST mark up changes, and passive voice. This patch also merges a some of the sections into the larger chapter. This is in an effort to remove multiple smaller files. This patch is the first of many to avoid major conflicts. Change-Id: I38daa515ba47fde7719cd0bd3e0e40c2cd0f39f1
1.9 KiB
Home OpenStack-Ansible Installation Guide
Configuring Active Directory Federation Services (ADFS) 3.0 as an identity provider
To install ADFS:
Configuring ADFS
Ensure the ADFS Server trusts the service provider's (SP) keystone certificate. We recommend to have the ADFS CA (or a public CA) sign a certificate request for the keystone service.
In the ADFS Management Console, choose
Add Relying Party Trust.Select
Import data about the relying party published online or on a local networkand enter the URL for the SP Metadata ( for example,https://<SP_IP_ADDRESS or DNS_NAME>:5000/Shibboleth.sso/Metadata)Note
ADFS may give a warning message. The message states that ADFS skipped some of the content gathered from metadata because it is not supported by ADFS
Continuing the wizard, select
Permit all users to access this relying party.In the
Add Transform Claim Rule Wizard, selectPass Through or Filter an Incoming Claim.Name the rule (for example,
Pass Through UPN) and select theUPNIncoming claim type.Click
OKto apply the rule and finalize the setup.
References
- http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx
- http://blog.kloud.com.au/2013/08/14/powershell-deployment-of-web-application-proxy-and-adfs-in-under-10-minutes/
- https://ethernuno.wordpress.com/2014/04/20/install-adds-on-windows-server-2012-r2-with-powershell/