14.2 Configuring the Connector

After you import the connector, you must configure it to work with your ADFS system. Perform the following task with a provider administrator account.

  1. Log in as an administrator to the CloudAccess administration console:

    https://appliance_dns_name/appliance/index.html
    
  2. Drag and drop the WS-Federation connector for ADFS from the Applications palette to the Applications panel.

    The Configuration window opens automatically for the initial configuration. To view or reconfigure the settings later, click the connector icon, then click Configure.

  3. On the Configuration page, specify the configuration properties.

    Use the information from the ADFS metadata file. The signing certificate from ADFS is optional.

  4. Under Assertion Attribute Mappings, map the WS-Federation Assertion attributes to the attributes in your identity source.

  5. Expand the Federation Instructions, then copy and paste the instructions into a text file to use during the ADFS configuration for single sign-on.

    NOTE: You must use a text editor that does not introduce hard returns or additional white space. For example, use Notepad instead of WordPad.

  6. Click the Appmarks tab, then review and edit the default settings for the appmark.

    For more information, see Section 2.5, Configuring Appmarks for Connectors.

  7. Click OK to save the configuration.

  8. On the Admin page, click Apply to commit the changes to the appliance.

  9. Wait until the configuration changes have been applied on each node of the CloudAccess cluster.

  10. Log in to ADFS as the ADFS administrator, then configure the WS-Federation federation for CloudAccess in the ADFS administration console.

    Use the information from the Federation Instructions in Step 5 to complete the setup.

    NOTE: When you copy the appliance’s signing certificate, ensure that you include all leading and trailing hyphens in the certificate’s Begin and End tags.

  11. In the CloudAccess administration console, click Policy in the toolbar, then perform policy mapping to specify entitlements for identity source roles (groups).

    For more information, see Mapping Authorizations in the NetIQ® CloudAccess and MobileAccess Installation and Configuration Guide.

  12. Users can now log in through CloudAccess for single sign-on to the ADFS system. The CloudAccess login page URL is:

    https://appliance_dns_name
    
  13. If you want users to connect to SharePoint, proceed to Section 14.4, Connecting to SharePoint.
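
The notes in Step 5 and Step 10 warn about copy damage: added white space and lost hyphens in the certificate's Begin and End tags. The following Python check is an added example, not part of the product or its documentation. It inspects a pasted certificate for those problems and returns a SHA-256 fingerprint of the decoded bytes to compare against the source certificate. The function name, the standard PEM tag text, and the sample data (constructed stand-in bytes, not a real certificate) are assumptions.

```python
import base64
import binascii
import hashlib

# Assumed tag text: the standard PEM certificate label.
BEGIN = "-----BEGIN CERTIFICATE-----"
END = "-----END CERTIFICATE-----"


def check_pasted_certificate(text):
    """Return (problems, sha256_hex); sha256_hex is None if the body cannot be decoded."""
    problems = []
    lines = text.replace("\r\n", "\n").split("\n")
    while lines and lines[-1] == "":
        lines.pop()  # a final newline after the End tag is harmless
    if not lines or lines[0] != BEGIN:
        problems.append("Begin tag missing or altered")
    if len(lines) < 2 or lines[-1] != END:
        problems.append("End tag missing or altered")
    # Base64 never contains "-", so any line with a hyphen is treated as a tag line.
    body = [ln for ln in lines if "-" not in ln]
    for n, ln in enumerate(body, 1):
        if ln == "" or any(ch.isspace() for ch in ln):
            problems.append(f"blank line or white space in body line {n}")
    try:
        der = base64.b64decode("".join(body), validate=True)
    except (binascii.Error, ValueError):
        problems.append("body is not valid base64")
        return problems, None
    if not der.startswith(b"\x30"):
        problems.append("decoded data does not start with a DER SEQUENCE")
    return problems, hashlib.sha256(der).hexdigest()


# Constructed stand-in bytes, not a real certificate: only the framing is exercised.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))
_b64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_PEM = "\n".join(
    [BEGIN] + [_b64[i:i + 64] for i in range(0, len(_b64), 64)] + [END]
) + "\n"

if __name__ == "__main__":
    damaged = SAMPLE_PEM.replace(BEGIN, BEGIN[1:])  # one leading hyphen lost in copying
    for label, pem in (("intact", SAMPLE_PEM), ("damaged", damaged)):
        print(label, check_pasted_certificate(pem))
```

An empty problem list together with a fingerprint that matches the certificate you copied from indicates that the text survived the copy unchanged.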