Hi all, so i tried to setup AD FS as IdP with Adaxes as SP. I used this guide: https://www.adaxes.com/help/EnableSamlBasedSingleSignOn/
Sadly i run into error: MSIS3200 which is caused by a missing Assertion Consumer Service.
AD FS is forcing https but the SSO Reply URL from Adaxes is in http. AD FS won't
I can't find a way to change this URL to use HTTPS. (Will attach Screenshot for clarification)
Also the Information field shows that i should be able to change the SSO Reply URL. But unlike with the Entity ID there is no "Change" field.
I checked this question: https://www.adaxes.com/questions/9524/saml-response-reply-url-http-instead-https-due-ssl-offloading?show=9524#q9524
But in my case there is only my AD FS Server and Adaxes. No SSL Offloading or Big IP.
Hope somebody can point me in the right direction!
Bests, Daniel.
Hello Daniel,
The SSO Reply URL and Single Logout URL you see in the Web interface configurator are just examples of what should be used. For the whole thing to work, you need to enable HTTPS for Adaxes Web interface and then specify the corresponding URLs in AD FS when configuring SAML SSO. You can configure SSL on the Adaxes Web interface the way you do it for any other website hosted by IIS. For details on how to enable SSL for an IIS Web Site, see the following article: https://docs.microsoft.com/en-us/troubleshoot/iis/enable-ssl-all-customers.
Is it possible to trigger an external API request to update another directory whenever an AD user changes his password? Even if the password change didn't occur using adaxes, but directly in Active Directory? Thank you.
Guys, I have implemeted SSO with Azure AD with my test instance. I am using 2019.2. Works fine - MFA triggers etc. But when I log out from Adaxes websites, it ... to attract some nasty looks from Infosec guys - specially when it is a user management tool.
Hi, is there any way to bypass SSO and get directly to the Loginpage when a machine is not joined to the domain? Reason why I'm asking is, in the last months ... machines not connected to the domain to go directly to the Adaxes Login form. Best regards Ingemar
I am trying to view AD authentication logs to see a user account's authentication attempts. Can this be done in Adaxes?
We have a fleet of Macbooks that use NoMAD to handle AD Authentiction and syncronization. How can we use Adaxes to handle the Password reset utility with these users. If they ... resync will be needed. Anybody else doing this or have a solution to the above?