Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 200

Sign-on URL: Specify the URL for logging in, such as https://adfsaccount.adatum.com/adfs/ls/.
Logout URL: Specify the URL for logging out, such as https://adfsresource.treyresearch.net/adfs/ls/
Identity Provider: Specify the path to the signing certificate of the ADFS server.
3 Confirm the certificate, then click Next.
4 For the authentication card, specify the following values:
ID: Leave this field blank.
Text: Specify a description that is available to the user when the user mouses over the card.
Image: Select an image, such as Customizable, or any other image.
Show Card: Enable this option so that the card can be presented to the user as a login option.
5 Click Finish.
6 Continue with "Modifying the User Identification Specification" on page 200.
Modifying the User Identification Specification
The default settings for user identification are set to do nothing. The user can be authenticated, but the
user is not identified as a local user on the system. This is not the scenario we are configuring. We
want the user to be identified on the local system. Additionally, we want to specify which contract
on the Access Gateway is satisfied with this identification. If a contract is not specified, the Access
Gateway resources must be configured to use the Any Contract option, which is not a typical
configuration.
1 On the WS Federation page, click the name of the Adatum identity provider configuration.
2 Click User Identification.
3 For Satisfies contract, select Name/Password – Form.
4 Select Allow federation.
5 For the User Identification Method, select Authenticate.
6 Click OK twice.
7 Update the Identity Provider.
8 Continue with "Importing the ADFS Signing Certificate into the NIDP-Truststore" on page 200.
Importing the ADFS Signing Certificate into the NIDP-Truststore
The Novell Identity Provider (NIDP) must have the trusted root of the ADFS signing certificate (or
the certificate itself) listed in its trust store, as well as specified in the relationship. This is because
most ADFS signing certificates have a chain, and the certificate that goes into the metadata is not the
same as the trusted root of that certificate. However, because the Active Directory step-by-step
guide uses self-signed certificates for signing, it is the same certificate in both the trust store and in
the relationship.
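The check below is an added example, not part of the Novell guide: it uses the openssl command line (assumed to be installed) to tell whether a signing certificate is self-signed, so the certificate itself goes into the trust store, or chained, so its root must be imported instead. The file names and certificate subjects are constructed for the demonstration.

```shell
# Added example: which certificate must go into the NIDP trust store?
# All file names and subjects below are constructed for this demonstration.

# Succeeds when the certificate names itself as issuer and its signature
# verifies with its own public key (self-signed).
is_self_signed() {
    [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
      "$(openssl x509 -in "$1" -noout -issuer_hash)" ] &&
        openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# Prints what to import for a given signing certificate:
#   self          self-signed, import the certificate itself
#   root          chained, the supplied root verifies it, import that root
#   root-missing  chained, and no supplied root verifies it
# usage: trust_store_entry SIGNING_CERT [ROOT_CERT]
trust_store_entry() {
    if is_self_signed "$1"; then
        echo self
    elif [ -n "$2" ] && is_self_signed "$2" &&
         openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; then
        echo root
    else
        echo root-missing
    fi
}

# Builds constructed sample certificates in directory $1:
#   selfsigned.pem        self-signed signing certificate
#   root.pem, chained.pem signing certificate issued by a separate root
make_samples() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=adfs-selfsigned" \
        -keyout "$1/self.key" -out "$1/selfsigned.pem" 2>/dev/null &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=example-root" \
        -keyout "$1/root.key" -out "$1/root.pem" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=adfs-signing" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/root.pem" -CAkey "$1/root.key" \
        -CAcreateserial -days 1 -out "$1/chained.pem" 2>/dev/null
}

# Demonstration on the constructed samples.
d=$(mktemp -d) && make_samples "$d" && {
    echo "self-signed: $(trust_store_entry "$d/selfsigned.pem")"
    echo "chained:     $(trust_store_entry "$d/chained.pem" "$d/root.pem")"
}
rm -rf "$d"
```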
To import the ADFS signing certificate's trusted root (or the certificate itself) into the NIDP-Truststore:
1 On the Identity Servers page, click Edit > Security > NIDP Trust Store.