Additional Ws Federation Configuration Options; Modifying A Ws Federation Identity Provider; Renaming The Identity Provider; Configuring The Attributes Obtained At Authentication - Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual

4 When you are directed back to the Identity Server for Federation User Identification, log in to
the Identity Server with a username and password that is valid for the Identity Server (the
service provider).
5 Verify that you are authenticated.
6 Close the browser.
7 Log in again.
This time you are granted access without entering credentials at the service provider.

7.2.4 Additional WS Federation Configuration Options

You can enable the sharing of attribute information from the Identity Server to the ADFS server.
This involves creating an attribute set and enabling the sending of the attributes at authentication.
See Section 7.3.2, "Configuring the Attributes Obtained at Authentication," on page
For other options that can be modified after you have created the trusted identity server
configuration, see Section 7.3, "Modifying a WS Federation Identity Provider," on page

7.3 Modifying a WS Federation Identity Provider

This section explains how to modify a WS Federation identity provider after it has been created.
Section 7.2, "Using the ADFS Server as an Identity Provider for an Access Manager Protected
Resource," on page 197 explains the steps required to create an identity provider.
Section 7.3.1, "Renaming the Identity Provider," on page 203
Section 7.3.2, "Configuring the Attributes Obtained at Authentication," on page 203
Section 7.3.3, "Modifying the User Identification Method," on page 204
Section 7.3.4, "Managing the Metadata," on page 205
Section 7.3.5, "Modifying the Authentication Card," on page 206

7.3.1 Renaming the Identity Provider

1 In the Administration Console, click Devices > Identity Servers > Edit > WS Federation >
[Identity Provider].
2 In the Name field, specify a new name for the identity provider.
3 Click OK twice, then update the Identity Server.

7.3.2 Configuring the Attributes Obtained at Authentication

When the Identity Server creates its request to send to the identity provider, it uses the attributes that
you have selected. The request asks the identity provider to provide values for these attributes. You
can then use these attributes to create policies, to match user accounts, or if you allow provisioning,
to create a user account on the service provider.
To select the attributes:
1 In the Administration Console, click Devices > Identity Servers > Edit > WS Federation >
[Identity Provider] > Attributes.
203.
203.
Configuring WS Federation 203