Configuring A Protected Resource For A Sharepoint Server With An Adfs Server - Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010 Manual

For more information on how to configure a protected resource for a SharePoint server, see
Cool Solutions (http://www.novell.com/communities/node/8346/sharepoint-integration-linux-
access-gateway).
1.4.2 Configuring a Protected Resource for a SharePoint
Server with an ADFS Server
If your SharePoint server is configured to use an ADFS server and you want to create a protected
resource for the SharePoint server, you need to configure the following Access Manager features.
The instructions assume that you have a functioning SharePoint server and a functioning Access
Manager system:
"Configuring a Custom Contract" on page 39
"Creating a Reverse Proxy Service" on page 40
"Configuring Multiple Protected Resources" on page 40
Configuring a Custom Contract
ADFS requires a different format for a contract URI than the format used in the default contracts. It
expects the URI to conform to the format of a URL. You need to create a custom contract.
1 In the Administration Console, click Devices > Identity Servers > Servers > Edit > Local >
Contracts
2 Click New, then fill in the following fields:
Display name: Specifies the name of the authentication contract.
URI: Specifies a value that uniquely identifies the contract from all other contracts. No spaces
can exist in the URI field. For SharePoint, specify the following format for the URI:
https://<baseurl>/name/password/uri
Replace <baseurl> with the base URL of your Identity Server. If the DNS name of your
Identity Server is
idp-50.amlab.net
https://idp-50.amlab.net:8443/nidp/name/password/uri
Methods and Available Methods: Move a name/password method to the Methods list. We
recommend Secure Name/Password - Basic, but you can use Name/Password - Basic.
Do not configure a password expiration servlet. This contract is going to be used with non-
redirected login, which prevents all redirection, including redirection to a password expiration
service.
For more information on the other options, see
Novell Access Manager 3.1 SP2 Identity Server
3 Click Next.
4 Configure a card for the contract by filling in the following:
Text: Specify the text that is displayed on the card to the user.
Image: Specify the image to be displayed on the card. To use an existing image, select an
image from the drop-down list. To add an image to the list, click Select local image.
Show Card: Determine whether the card is shown to the user, which allows the user to select
and use the card for authentication. If this option is not selected, the card is only used when a
service provider makes a request for the card.
, the URI would have the following format:
"Configuring Authentication
Guide.
Configuring the Access Gateway to Protect Web Resources
Novell
Contracts" in the
39