Skip to main content

WS-Fed Example

Steps

Attribute definition

First of all, will be mandatory to create two new attributesĀ 

  • User principal name
  • AD SID

image-1695799061910.png

Bear in mind, that those attributes have to be retrieved from the appropriate system:

image-1695803778715.png

And those attributes have to be defined in the object metadata:

image-1695804665489.png

Attribute sharing policies

Define the proper attribute policy

image-1695801239762.png

Service Provider

image-1695801347498.png

Configure Exchange

Finally, you must configure the Exchange.

Set-OrganizationConfig -AdfsIssuer https://gbr.idp.demo.soffid.net/profile/wsfed `
   -AdfsAudienceUris "https://gbr.owa.demo.soffid.net/owa/","https://gbr.owa.demo.soffid.net/ecp/"  `
   -AdfsSignCertificateThumbprint "XXXXXX22B5CFE0B8E409F88D9A687DBXXXXX"
Set-OWAVirtualDirectory -Identity "OWA (Default Web Site)" -AdfsAuthentication $true   `
  -BasicAuthentication $false -DigestAuthentication $false -FormsAuthentication $false `
  -WindowsAuthentication $false
Set-ECPVirtualDirectory -Identity "ECP (Default Web Site)" -AdfsAuthentication $true   `
  -BasicAuthentication $false -DigestAuthentication $false -FormsAuthentication $false `
  -WindowsAuthentication $false
net stop was /y
net start  w3svc


Back to top