Preparing Active Directory Federation Services (ADFS)
If your IdP is Microsoft™ Active Directory Federation Services (ADFS), make sure you meet the following requirements before you configure SAML in Domino®:
- One of the following versions of ADFS installed and configured:
- 2.0 (Provided with Windows Server 2008 R2)
- 3.0 (Provided with Windows Server 2012 R2)
- A Secure Sockets Layer (SSL) certificate on the ADFS server that is signed by a Certificate Authority (CA). The CA root cert should be deployed by a domain policy to clients, an ADFS best practice.
- The following components must be in the same Active Directory domain, unless Active Directory
trust relationships are in place:
- ADFS server
- User records
- Client computers from which users log in. (Integrated Windows™ Authentication only)