How to configure ADFS to different ADAM store rather than the domain/AD the ADFS is installed on?
For example: ADFS 2.0 is installed on xyz.com domain & users authentication happen with some ADAM store (all we have is the connection string)...
Asked
Active
Viewed 786 times
2 Answers
0
ADAM is essentially an LDAP - look here
Note that you can only use ADAM for authorisation not authentication.
rbrayb
- 46,440
- 34
- 114
- 174
-
This is not related to Attribute store choice. My question is that user gets authenticated against a ADAM other the AD ADFS is installed on.... – user1170337 Jan 26 '12 at 18:39
-
ADFS requires AD DS not an LDAP for authentication. – rbrayb Jan 27 '12 at 01:03
0
At last we created the custom STS that ADFS will trust for our solution.
So now:
RP will be added in ADFS.
ADFS trust token from custom STS.
HomeRealmDiscovery modified to show custom STS login page.
Custom STS creates the token & pass to ADFS & ADFS is set to pass claims & token to RP.
& it all worked.
We had many issues with setting up the right certificated (in our test we used Selfssl7) & everything is on same machine with ADFS, CustomSTS & RP working on different ports (ADFS on default 443).
user1170337
- 1
- 1
-
could you share your code on 1. how you set up the custom STS 2. how ADFS showed the new log in page 3. the communication between your ADFS server and Identity Provider STS? – Vijay V Jan 17 '13 at 15:18