Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Anonymous_User Absent Member.
Absent Member.
157 views

NAM 3.2 Sharepoint 2010 and user federation


We have NAM3.2 protecting Sharepoint 2010 in our system. Now another
organization want to access our applications and they have ADFS2.0 set
up in their end. I'm trying to figure out how to allow them to access
our application using federated ID. I found instruction on setting up
NAM3.2 as relay party and set up ADFS as Claim Provider. I didn't find
how to set up NAM3.2 to relay the Claim to share point applications. In
NAM document, it seems that NAM can only provide identity to protected
applications using either form fill or identity injection (This is how
our own users access share point application).

Any help is appreciated.

Thanks
Mark


--
mxu1386
------------------------------------------------------------------------
mxu1386's Profile: https://forums.netiq.com/member.php?userid=1361
View this thread: https://forums.netiq.com/showthread.php?t=49253

0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: NAM 3.2 Sharepoint 2010 and user federation

mxu1386 wrote:

>
> We have NAM3.2 protecting Sharepoint 2010 in our system. Now another
> organization want to access our applications and they have ADFS2.0 set
> up in their end. I'm trying to figure out how to allow them to access
> our application using federated ID. I found instruction on setting up
> NAM3.2 as relay party and set up ADFS as Claim Provider. I didn't find
> how to set up NAM3.2 to relay the Claim to share point applications.
> In NAM document, it seems that NAM can only provide identity to
> protected applications using either form fill or identity injection
> (This is how our own users access share point application).
>


What type of federation do you want to use? Persistent or transient?

--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NAM 3.2 Sharepoint 2010 and user federation


We will need persistent, what we will do is to create users in our local
AD server and match them to external users when they log in from their
own org's server.


--
mxu1386
------------------------------------------------------------------------
mxu1386's Profile: https://forums.netiq.com/member.php?userid=1361
View this thread: https://forums.netiq.com/showthread.php?t=49253

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NAM 3.2 Sharepoint 2010 and user federation

mxu1386 wrote:

>
> We will need persistent, what we will do is to create users in our
> local AD server and match them to external users when they log in
> from their own org's server.


Ok, so I guess you'll use provisioning rules. ADFS 2.0 also supports
SAML by the way (there's a thread about how to configure ADFS 2.0 as a
SAML IDP to NAM). You can configure NAM to consume attributes during
authentication and then store these as customimizable strings. You can
inject this customizable strings. You can probably also store these
attributes on the user account you'll create but I'm not sure how that
is done. That way you can select 'normal' LDAP attributes to be
injected rather than customizable strings.

--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.