[Active Directory] ADFS access

[Active Directory] ADFS access

  
Forge Component
(9)
Published on 2017-07-12 by Renato Pauleta
9 votes
Published on 2017-07-12 by Renato Pauleta

Hi,

Is it possible to integrate this with ADFS?

Regards

Hi Romuel,

I don't think it will work.

It would be great though.

Cheers.

Renato Pauleta wrote:

Hi Romuel,

I don't think it will work.

It would be great though.

Cheers.


Hi Romuel,

Just to complement this a bit better. The component uses Directory Services to check the Active Directory for users, inside organization units and domains. If you just want to connect to different domains and check if a user exists there, then this might work.


I suggest you try to install it and give it a go for the different domains. For instance, typically we configure authentication with OutSystems in the Users application which can use AD, but can only be set for a specific domain. Then you can use the component to do your own authentication process, by validating the user in the different domains (you can check if the username / pass is valid) and then doing the login yourself.


Let me know if you need help testing it.

Thanks, Renato. 

Yes, please help me setup Active Directory. I want to know if it can validate a user if I run it on different domains. I tried the AD Import and it works at syncing AD users with OS. But when I tried it on a domain running ADFS, it couldn't access the AD groups. 

Ok. So you've already published the active directory app and created different configurations for the different domains, then applied the generated token to the ADConfiguration espace so you could get the sample pages to work, correct?

And on one domain it works, but the other under ADFS it does not, is that it?

I need more understanding on how ADFS works and how it relates to the AD. Because it might be configurations, or just the way we're trying to use it.

Hi Renato,

I haven't configured the Active Directory app yet. I need help on how to do this. The one I tried was the AD Import app.

Not sure if it's the best solution for you, but some people have integrated with ADFS using SAML, with the IdP component from the Forge.

Hi Paulo,

I believe Romuel's team is precisely exploring an alternative to the IdP component from Forge ;)

But thanks for highlighting that workaround, useful for future interested parties to this topic, indeed!

Romuel Pascua wrote:

Hi Renato,

I haven't configured the Active Directory app yet. I need help on how to do this. The one I tried was the AD Import app.


Hi Romuel.


1 - install the component

2 - open the ADConfigurations on the browser and create two access tokens for your different domains

3 - open service center and change the site property "ADToken" to the access token you want to test first

4 - go back to the ADConfigurations screen and click search under Groups or Users to see if it works



Let me know how it goes.


Cheers.