Educause Security Discussion mailing list archives
Re: ADFS Experience
From: Miguel Angel Gonzalez de la Torre <mglez () ITESM MX>
Date: Tue, 21 Oct 2014 20:00:24 +0000
Hello. We have implemented ADFS with O365, Yammer and Sharepoint 2013 without problems. We have federated also third party applications on cloud like gartner, Success Factors and Design to Learn. About Banner we ask ellucian to federate their portals and the answer was that they do not support SAML 2.0 natively, so we must have to use CAS and Shivoleth. We are evaluating this because we’re not sure if ellucian will give support on Shivoleth. The ADFS in Windows 2012 R2 now includes Oauth and may be a way to connect with elluciand, but we haven’t tested that yet. Hope it helps. Ing. Miguel Angel González de la Torre, MCC Director Seguridad de la Información Dirección de Tecnologías de Información Contáctame por Lync<sip:mglez () itesm mx> Tel.: 52 (81) 8158 2000, ext. 2936. Fax: 81 81582287 Enlace intercampus: 80-689-2936. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Nicholas Roy Sent: martes, 21 de octubre de 2014 01:42 p. m. To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] ADFS Experience We set it up for use with Office365 when I was at UIowa, it works pretty well for that. You might consider reaching out to the WinHiEd community for help, a ton of those folks have done this http://www.windows-hied.org/ Best, Nick Nicholas Roy - Penn State - Information Technology Services http://identity.psu.edu Departmental Twitter: @psuidentity nicholas-roy () psu edu<mailto:nicholas-roy () psu edu> tel +1 814 867 0115 ________________________________ From: "Ryan Hiebert" <ryan () RYANHIEBERT COM<mailto:ryan () RYANHIEBERT COM>> To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Sent: Tuesday, October 21, 2014 11:14:00 AM Subject: Re: [SECURITY] ADFS Experience Also, I had to go through their documentation for setting up ADFS a few times very carefully. It changed while I was setting things up, but it did seem to have at least links to everything I needed to get the basics set up. One other thing that caused some frustration was dealing with the signing certificates. ADFS helpfully warns when the certificates are getting old, but the warning didn’t (for me) get silenced when the certificates were updated. It complained until the offending certificate expired. That was frustrating because it made me uncertain about whether I had correctly set up the new signing certificate. On Oct 21, 2014, at 10:10 AM, Ryan Hiebert <ryan () ryanhiebert com<mailto:ryan () ryanhiebert com>> wrote: I’ve been away from the management of it for a while, but I set up ADFS with office 365, and it worked OK. There’s no self-service account reset, etc, with ADFS, which was one of the main features that I personally found lacking. I found attempting to customize ADFS to be quite difficult, and I never was able to do it, though admittedly I wasn’t able to put as much into trying as I would have liked. On Oct 21, 2014, at 10:03 AM, Thomas Carter <tcarter () AUSTINCOLLEGE EDU<mailto:tcarter () AUSTINCOLLEGE EDU>> wrote: We are looking at implementing ADFS for use with both Office 365 as well as on-site Sharepoint 2013 (with Ellucian Portal more specifically). I’m looking for input from anyone who has implemented ADFS for either/both of those and what their experience has been. I’m also interested in the on-going maintenance and problems experienced managing ADFS. Thomas Carter Network and Operations Manager Austin College 903-813-2564 <image001.gif>
Current thread:
- ADFS Experience Thomas Carter (Oct 21)
- Re: ADFS Experience Ryan Hiebert (Oct 21)
- Re: ADFS Experience Ryan Hiebert (Oct 21)
- Re: ADFS Experience Nicholas Roy (Oct 21)
- Re: ADFS Experience Miguel Angel Gonzalez de la Torre (Oct 21)
- Re: ADFS Experience Ryan Hiebert (Oct 21)
- Re: ADFS Experience Kevin Halgren (Oct 21)
- Re: ADFS Experience Miguel Angel Gonzalez de la Torre (Oct 21)
- Re: ADFS Experience Ryan Hiebert (Oct 21)