Adding a SAML Application for SharePoint Server Agent End-User Recovery
After you register the application using Azure AD, integrate with Azure AD by adding a SAML application in the Command Center.
Before You Begin
- Create a certificate and private key in a Java keystore (.jks) file.
- Create a user group.
- Using Azure AD, register the application.
- In the Command Center, from the navigation pane, go to Manage > Security > Identity servers.
  The Identity servers page appears.
- To create an identity server, click Add.
  The Add domain dialog box appears.
- Click SAML.
- In the Domain name box, enter an application name.
- Upload the IdP metadata:
  - Next to the Upload IDP metadata box, click Browse.
  - Browse to the location of the XML file that you downloaded from the Microsoft Azure portal, select the file, and then click Open.
- Generate the SP metadata:
  - Under Generate new SP metadata, next to the Upload key store file box, click Browse.
  - Browse to the location of the keystore file, for example, C:\security\mykeystore.jks, select the file, and click Open.
  - Type the corresponding information for the .jks file.
- Complete the application, and then click Save.
- Add an identity redirect rule:
  - On the Identity servers page, click the SAML application that you created.
  - Under Identity redirect rule, click Add identity redirect rule.
    The Add identity redirect rule dialog box appears.
  - Optional: In the Domain name box, type a domain name.
  - In the Associated SMTP box, type the SMTP address of the domain, and then click Add.
- Under General, copy the single sign-on URL, and then record it.
- From the navigation pane, go to Security > User groups, and then add your user group.
What to Do Next
Last modified: 6/25/2019 9:33:31 PM