We're trying to establish SAML 2.0 Authentication in our env. with a revers-proxy before the application. So user is accessing revers-proxy to reach application. Now we want also establish SAML 2.0, and somehow we're doing it wrong.
Does anyone have experiences with this constellation?
And on top of that, we're using multi-tenant setup.
and we followed these instructions:
https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/FNMS-SAML-Setup-WebUI-configuration-guide-to-enable-SSO-SAML-in/ta-p/157804
regards,
Matthias
āJul 01, 2021 04:40 AM
āJul 01, 2021 08:20 AM
Yes, i have recently integrated FNMS with ADFS for SAML authentication.
Please find the attached document which i got from the following community article.
Note : Make sure all the URLs mentioned in the SAML guide you mentioned is correct , as the URLs are case sensitive and failing to follow that may case error.
Regards,
Junaid Vengadan
āJul 01, 2021 03:08 PM
Hello junaid_vengadan,
thanks a lot for feedback.
Unfortunately, it seems like the document is for Cloud-based System but not for on-premise.
āJul 02, 2021 01:43 AM
Yeah the document is for the cloud version .
You need to modify the web.conf along with importing the metadata and certificate ( for offline mode) , you can follow the same steps mentioned in the below article to configure the web.conf
Regards,
Junaid Vengadan
āJul 02, 2021 10:44 AM
Hi @mschwach,
@emtmeta is right. Although the document is for the cloud version, the steps are the same.
Please check the URLs as they are case sensitiveāfor example, the endpoint URL.
'https://hellotest.com/Testing/Checking/SUCCEED to 'https://hellotest.com/Testing/Checking/Succeed'
I hope this help.
Regards,
Albert
āJul 05, 2021 04:04 AM
Hi @ll,
many thanks for your contributions.
I've tried all variants of your suggested steps. But, without a success.
I also noticed something when reviewing document: "ADFS FNMS SAML 2.0 configuration.docx"
at point 5 - I am unable to do something in the WebUI, because it doesn't give me the option to do so. This might be different on a cloud based solution but it doesn't fit in an on-premise + multi-tenant env.
So I investigated a little further, and now I'm facing another issue, which said that in the URL the TENANT wasn't given.
(Please see screenshot)
ā
ā
āJul 05, 2021 10:04 AM
If you are referring to step number 5 that is "Enter the ADFS metadata URL" , you need to add this in web.conf file for FNMS On-Premise version .
if you need more details about configuring the web.conf , please refer the below URL
https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/FNMS-SAML-Setup-WebUI-configuration-guide-to-enable-SSO-SAML-in/ta-p/157804
To make it easy, you need to configure the below in Web.conf ( don't forgot to take backup of original web.conf before you do the changes)
Once you completed the web.conf , you also need to change IIS Auth type for Suite .
I recommend you to use the below documentation along with the DFS conf guide that you have , that speak about everting that you need.
If you still have the issues after configurations, share the webui logs here or with support.
Regards,
Junaid Vengadan
āJul 05, 2021 10:18 AM