Skip to main content
Interania

Configure the default login as ADFS

0votes
15updates
30views

Active Directory Federation Services (ADFS) is a software component developed by Microsoft. ADFS can be installed on Windows Server operating systems to provide single sign-on access to systems and applications located across networks.

This document  demonstrates how to configure SAML for ADFS as the Interana default login.

Interana supports the SAML login protocol. To configure SAML for you platform, verify that your identity provider supports SAML and the necessary configuration requirements. 

Before you start... 

Be sure that you have met the following prerequisites:

  • You have a valid DNS name (no IPs) for the Interana cluster.
  • Your ADSF environment can provide the Interana cluster with Relying Party Trusts access.

For more information, see the Microsoft ADFS documentation.

Configure ADFS as the Interana default login

This section demonstrates how to configure an Interana cluster to use ADFS as the default login. The federation metadata file is generated on-the-fly by ADFS based on various configuration settings (within ADFS), such as Identifier, Claims Descriptions, Certificates, Service Endpoints available, etc. 

To configure ADFS as the default login, do the following:
  1. Generate a federationmetadata.xml file as described in Add ADFS authentication to your Interana instance
  2. Store the federationmetadata.xml file on the config node of the Interana cluster, and save a backup copy.
/opt/interana/backend/config/federationmetadata.xml
  1. Log in to the config node, and change the authentication method to ADFS with the following command.
ia settings update auth adfs '{"local":["/opt/interana/backend/config/federationmetadata.xml"]}
  1. Configure the ADFS as the default login with the following command. 
ia settings update auth default_saml_provider adfs
  1. Force SAML authentication with the following command.
ia settings update auth force_saml enabled
  1. Disable password auth with the following command.
ia settings update auth password_auth disabled
  1. Verify the settings with with following command.
ia settings list --application auth
  1. Restart the Interana service with the following command.
sudo service interana restart

What's Next

You may also be interested in the following topics:

  • Was this article helpful?