Comment on page
Setting up authentication with ADFS
The following guide will assist you in configuring your application to use Active Directory Federation Services (ADFS) for authentication.
- 1.Open the ADFS console, expand
Trust Relationships
, right-clickRelying Part Trusts
and selectAdd relying-party trust
- 2.Click
Next
and selectEnter data about the relying party manually
- 3.Specify
Lithnet Access Manager
as the display name - 4.Select
AD FS profile
- 5.Skip the encryption certificate step
- 6.Check the box to
Enable support for the WS-Federation Passive protocol
. Specify the base URL where your Lithnet Access Manager is hosted (e.g.https://accessmanager.lithnet.local/
) - 7.Skip the page prompting you to add additional relying-party trust identifiers
- 8.Optionally, configure multifactor authentication for the trust, and follow the remaining pages through to completion
- 9.Edit the claim rules for the application. Add a new issuance transform rule to
Send LDAP attributes as claims
- 10.Set 'Issue UPN' as the claim rule name. Select
Active Directory
as the attribute store,User-Principal-Name
as theLDAP Attribute
andUPN
as the outgoing claim type

!
- 1.Open the Lithnet Access Manager Service Configuration Tool
- 2.Select the
App configuration\User Authentication
page - 3.Select
WS-Federation
as the authentication provider type - 4.In the
metadata
field, provide the metadata URL for your ADFS server (usually something likehttps://adfs.lithnet.local/FederationMetadata/2007-06/FederationMetadata.xml
) - 5.Enter the base URL of your application in the
Realm
field.