13.1 Requirements

Verify that you meet the following requirements before you import the connector:

  • An understanding of identity federation using the SAML 2.0 protocol.

    For more information about SAML, see the OASIS website.

  • An ADFS 2.0 system, installed and configured.

  • Administrator access to the ADFS system. An understanding of ADFS and its management tools is presumed.

  • An ADFS user account for each user who wants to authenticate to ADFS through the CloudAccess single sign-on service. The connector for ADFS does not provision user accounts.

  • The location in the ADFS administration console where you will configure the SAML 2.0 federation for CloudAccess.

    When you configure the connector, the Federation Instructions provide the information that you will need to set up the federation in ADFS for CloudAccess. This information includes the metadata; a signing certificate for the appliance; the field values to use; and other guidance.

  • The metadata file from the ADFS 2.0 system.

    https://adfsserver/FederationMetadata/2007-06/FederationMetadata.xml
    

    You will need the following information from the metadata file:

    • Assertion Consumer Service URL: The value in the AssertionConsumerService field with the HTTP-POST binding.

    • EntityID: The value in the entityID field.

    • Logout URL: The value in the SingleLogoutService Location field with the HTTP-POST binding.

  • (Optional) An X.509 signing certificate from ADFS. The certificate is required to support single logout. Communications use SSL regardless of whether you provide this certificate.
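
The three values listed above for the ADFS metadata file can be read from a saved copy of FederationMetadata.xml with a short script. The following is an added example, not part of the CloudAccess or ADFS documentation; the function names, the sample metadata, and the host adfs.example.com are constructed for illustration, and the DOCTYPE and HTTPS checks are extra safeguards assumed here rather than product requirements.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample, trimmed to the elements used here. adfs.example.com is a
# placeholder; the Redirect path differs only to make binding selection visible.
SAMPLE_METADATA = f"""<?xml version="1.0"?>
<EntityDescriptor xmlns="{MD_NS}" entityID="http://adfs.example.com/adfs/services/trust">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="{HTTP_REDIRECT}" Location="https://adfs.example.com/adfs/ls/redirect"/>
    <SingleLogoutService Binding="{HTTP_POST}" Location="https://adfs.example.com/adfs/ls/"/>
    <AssertionConsumerService Binding="{HTTP_REDIRECT}" Location="https://adfs.example.com/adfs/ls/redirect" index="1"/>
    <AssertionConsumerService Binding="{HTTP_POST}" Location="https://adfs.example.com/adfs/ls/" index="0"/>
  </SPSSODescriptor>
</EntityDescriptor>"""

def _post_location(root, tag):
    """Return the Location of the first <tag> endpoint that uses HTTP-POST."""
    for el in root.iter(f"{{{MD_NS}}}{tag}"):
        if el.get("Binding") == HTTP_POST:
            loc = el.get("Location", "")
            if not loc.lower().startswith("https://"):
                raise ValueError(f"{tag} Location is not HTTPS: {loc!r}")
            return loc
    raise ValueError(f"no {tag} with the HTTP-POST binding")

def extract_connector_values(metadata_xml):
    """Pull the EntityID, ACS URL and Logout URL out of SAML 2.0 metadata text."""
    # Federation metadata never needs a DTD; refusing one avoids entity expansion.
    if "<!doctype" in metadata_xml.lower():
        raise ValueError("metadata contains a DOCTYPE declaration")
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor" or not root.get("entityID"):
        raise ValueError("not a SAML EntityDescriptor with an entityID")
    return {
        "acs_url": _post_location(root, "AssertionConsumerService"),
        "entity_id": root.get("entityID"),
        "logout_url": _post_location(root, "SingleLogoutService"),
    }

if __name__ == "__main__":
    for name, value in extract_connector_values(SAMPLE_METADATA).items():
        print(f"{name}: {value}")
```

To use it on a real deployment, pass the text of the downloaded metadata file to extract_connector_values in place of SAMPLE_METADATA.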