1. Clumio
  2. Knowledge Base
  3. Administration and Security
  4. Authentication and Access

Articles in this section

See more

Configuring SSO for AD FS

Chandan Agarwal
  • Updated

Ensure that you have the following before you start configuring the AD FS server:

  • AD FS account with admin privileges

  • The Clumio metadata XML file (See this KB article on how to get that information from the Clumio Dashboard)

Configuring AD FS as an IdP for Clumio Service

To add the Clumio application to AD FS, go to AD Server, click on Start > Server Manager:
Pic1.png

Make sure that you can locate the AD FS services in the Server Manager portal. From there, go to Tools > AD FS Management:
2.png

Click on click on Service > Endpoints:
3.png

Ensure that Metadata XML endpoint is configured as Yes for Enabled and Proxy Enabled columns:
4.png

Now, configure a relying-party Trust for the Clumio service. Under the AD FS Management, click on Relying Party Trusts and then go to the right section to select Add Relying Party Trust:
5.png 

When the Add Relying Party Trust Wizard appears, click Start:
6.png

In Select Data Source, choose Import data about the relying party from a file and click Browse. Select the Clumio metadata XML file that was downloaded from the Clumio dashboard and click Next:
7.png

In Specify Display Name, enter a display name for the Clumio service, such as Clumio, and then click Next:
8.png

In Choose Access Control Policy, select your appropriate corporate policy, and click Next:
9.png

In Ready to Add Trust, click Next:
10.png

In Finish, keep the Configure claims issuance policy for this application as checked. Click Close:
11.png

Clicking Close opens the Edit Claim Issuance Policy for Clumio wizard. Select Add Rule to create a new rule for Clumio:
 12.png

In Select Rule Template, leave the values as default and click Next:
13.png

In Configure Rule, enter the Claim rule name as Clumio. Under the Attribute store option, select Active Directory. Under the Mapping of LDAP attributes to outgoing claim types, add 2 attributes with LDAP Attribute as E-Mail-Addresses and Outgoing Claim Type as E-Mail Address and Name ID respectively as shown below. Click Finish:
14.png

Select Apply and then click OK:
15.png

Hit Refresh on the AD FS Relying Party Trusts section and confirm the presence of Clumio service in it:
16.png

  

 

Related articles

Comments

0 comments

Please sign in to leave a comment.