You can connect your editorial calendar Desk-Net with MS Active Directory.
How to Set Up Single Sign-On with ADFS for Desk-Net?
Pre-Conditions
- Your company needs to be both an ADFS user as well as a Desk-Net customer.
- Your Desk-Net subscription must include access to the SAML security features. You get access to these features by purchasing the Support & Security Package. If you are a large enterprise customer this will likely be included in your package.
As a result you need to be eligible to access the Security page in Desk-Net.
Please contact Desk-Net Sales if you are interested in this feature, but don't have access to it.
Setting up the Connection
Follow these steps in ADFS:
- Create a new Relying Party Trust with
- Federation metadata addresses: https://desknet-saml.s3.eu-central-1.amazonaws.com/desk-net.com.xml
- Display name (e.g. "Desk-Net")
- Claim rule name (images below):
- 1. Send E-Mail (E-Mail Address),
- 2. Transform E-Mail to Name ID (Name ID),
- 3. User info (first Name, last Name)
- Copy the metadata URL for use in Desk-Net
Once you have done this in ADFS setting it up in Desk-Net is easy:
- Access the Security page in Desk-Net
- In the ADFS section enter the following data from your company's ADFS account:
- Domain name (e.g. "acme-publishing.com"). It must be unique to avoid duplication.
- Metadata URL
- Test the connection by clicking on Test Connection
- Click Save at the bottom of the page and you are all done.
Before first login: please check Time Synchronization with a public Time Synchronization Server (for example, provided by Microsoft) on the domain controller server with the command line w32tm /config /syncfromflags:manual /manualpeerlist:time.windows.com /update to avoid large time shifts!
How Users Can Use the Single Sign-On
For the first login after the ADFS connection has been set up users access Desk-Net via the usual login page.
On that page they find a button Login With ADFS. They are then prompted to enter the domain name that's related to their ADFS account.
Errors
Please check the special page with a list of potential SAML error messages.
Comments
0 comments
Please sign in to leave a comment.