on the Access Gateway is satisfied with this identification. If a contract is not specified, the Access
Gateway resources must be configured to use the Any Contract option, which is not a typical
configuration.
1 On the WS Federation page, click the name of the Adatum identity provider configuration.
2 Click User Identification.
3 For Satisfies contract, select Name/Password – Form.
4 Select Allow federation.
5 For the User Identification Method, select Authenticate.
6 Click OK twice.
7 Update the Identity Provider.
8 Continue with "Importing the ADFS Signing Certificate into the NIDP-Truststore" on page 265.
Importing the ADFS Signing Certificate into the NIDP-Truststore
The Identity Server must have the trusted root of the ADFS signing certificate (or the certificate itself) listed in its trust store, as well as specified in the relationship. This is because most ADFS signing certificates have a chain, and the certificate that goes into the metadata is not the same as the trusted root of that certificate. However, because the Active Directory step-by-step guide uses self-signed certificates for signing, it is the same certificate in both the trust store and in the relationship.
To import the ADFS signing certificate's trusted root (or the certificate itself) into the NIDP-Truststore:
1 On the Identity Servers page, click Edit > Security > NIDP Trust Store.
2 Click Add.
3 Next to the Trusted Root(s) field, click the Select Trusted Root(s) icon.
This adds the trusted root of the ADFS signing certificate to the Trust Store.
4 On the Select Trusted Roots page, select the trusted root or certificate that you want to import,
then click Add Trusted Roots to Trust Stores.
If there is no trusted root or certificate in the list, click Import. This enables you to import a
trusted root or certificate.
5 Next to the Trust store(s) field, click the Select Keystore icon.
6 Select the trust stores where you want to add the trusted root or certificate, then click OK twice.
7 Update the Identity Server so that changes can take effect.
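As an added example that is not part of this guide: a POSIX shell script using openssl that pulls the signing certificate out of an ADFS FederationMetadata document and reports whether it is self-signed (in which case the certificate itself goes into the NIDP trust store) or issued by a CA (in which case that CA's trusted root is what must be imported, and the script prints the issuer so you know which root to look for). The metadata document, the adfs.adatum.example host name and every certificate are constructed inside the script as stand-ins; against a real ADFS server you would use its downloaded FederationMetadata.xml instead.

```shell
#!/bin/sh
# Added example, not from the Access Manager guide. Assumes openssl is installed.
set -eu

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Constructed stand-in certificates:
#  - self.pem : a self-signed signing certificate, like the step-by-step guide's lab ADFS
#  - ca.pem   : a constructed "Adatum Root CA"
#  - leaf.pem : a signing certificate issued by that CA (the common production shape)
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$work/self.key" -out "$work/self.pem" \
  -days 30 -subj "/CN=adfs.adatum.example" >/dev/null 2>&1
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$work/ca.key" -out "$work/ca.pem" \
  -days 30 -subj "/CN=Adatum Root CA" >/dev/null 2>&1
openssl req -newkey rsa:2048 -nodes -keyout "$work/leaf.key" -out "$work/leaf.csr" \
  -subj "/CN=adfs.adatum.example" >/dev/null 2>&1
openssl x509 -req -in "$work/leaf.csr" -CA "$work/ca.pem" -CAkey "$work/ca.key" \
  -CAcreateserial -days 30 -out "$work/leaf.pem" >/dev/null 2>&1

# make_metadata SIGNING_PEM ENCRYPTION_PEM OUT_XML
# Writes a constructed, single-line WS-Federation metadata fragment with a
# signing KeyDescriptor followed by an encryption one (as ADFS metadata has).
make_metadata() {
  s=$(openssl x509 -in "$1" -outform DER | openssl base64 -A)
  e=$(openssl x509 -in "$2" -outform DER | openssl base64 -A)
  printf '%s' "<EntityDescriptor entityID=\"http://adfs.adatum.example/adfs/services/trust\"><RoleDescriptor>" > "$3"
  printf '%s' "<KeyDescriptor use=\"signing\"><KeyInfo><X509Data><X509Certificate>$s</X509Certificate></X509Data></KeyInfo></KeyDescriptor>" >> "$3"
  printf '%s' "<KeyDescriptor use=\"encryption\"><KeyInfo><X509Data><X509Certificate>$e</X509Certificate></X509Data></KeyInfo></KeyDescriptor>" >> "$3"
  printf '%s\n' "</RoleDescriptor></EntityDescriptor>" >> "$3"
}

# extract_signing_cert METADATA_XML OUT_PEM
# Takes the first X509Certificate after use="signing" (not the encryption cert)
# and writes it as PEM; fails if there is no signing descriptor or the blob does not parse.
extract_signing_cert() {
  grep -q 'use="signing"' "$1" || return 1
  cert=$(tr -d '\n\r' < "$1" \
    | sed 's/.*use="signing"//' \
    | sed 's/<\/X509Certificate>.*//' \
    | sed 's/.*<X509Certificate>//' \
    | tr -d ' \t')
  [ -n "$cert" ] || return 1
  {
    echo '-----BEGIN CERTIFICATE-----'
    echo "$cert" | fold -w 64
    echo '-----END CERTIFICATE-----'
  } > "$2"
  openssl x509 -in "$2" -noout >/dev/null 2>&1 || return 1
}

# classify_cert PEM -> prints "self-signed" or "chained"
# Uses subject == issuer as the self-signed indicator; a chained certificate
# means the issuer's trusted root, not this certificate, belongs in the trust store.
classify_cert() {
  subj=$(openssl x509 -in "$1" -noout -subject)
  iss=$(openssl x509 -in "$1" -noout -issuer)
  if [ "${subj#subject=}" = "${iss#issuer=}" ]; then
    echo self-signed
  else
    echo chained
  fi
}

# Walk both constructed metadata documents and say what to import.
for kind in self leaf; do
  make_metadata "$work/$kind.pem" "$work/ca.pem" "$work/$kind-meta.xml"
  extract_signing_cert "$work/$kind-meta.xml" "$work/$kind-extracted.pem"
  verdict=$(classify_cert "$work/$kind-extracted.pem")
  if [ "$verdict" = self-signed ]; then
    echo "$kind: self-signed; import this certificate itself into the NIDP trust store"
  else
    echo "$kind: chained; import the trusted root of $(openssl x509 -in "$work/$kind-extracted.pem" -noout -issuer)"
  fi
done
```

Because the extraction cuts the document at the first closing X509Certificate tag after use="signing", the encryption certificate that follows it in ADFS metadata is never picked up by mistake; the fingerprint of the extracted PEM can be compared with openssl x509 -fingerprint against what the ADFS administrator reports before the import in step 4 above.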
This ends the basic configuration that must be done for the Identity Server to trust the ADFS server as an identity provider. However, the ADFS server needs to be configured to act as an identity server and to trust the Identity Server. Continue with Section 10.2.2, "Configuring the ADFS Server to Be an Identity Provider," on page 266.
Configuring WS Federation 265