Step 4. Configure Active Directory Federation Services
Configure AD FS to issue SAML tokens to Informatica web applications.
Use the AD FS Management Console to perform the following tasks:
Add Informatica as a relying party trust in AD FS. The relying party trust definition enables AD FS to accept authentication requests from Informatica web applications.
Edit the Send LDAP Attributes as Claims rule to map LDAP attributes in your identity store to the corresponding types used in SAML tokens issued by AD FS.
All strings are case sensitive in AD FS, including URLs.
Log in to the AD FS Management Console.
Expand the Trust Relationships > Relying Party Trusts folder.
Right-click the Relying Party Trusts folder, and then select Add Relying Party Trust as shown in the following image:
The Add Relying Party Trust Wizard appears.
Click Start.
The Select Data Source panel appears.
Click Enter data about the relying party manually as shown in the following image:
Click Next.
Enter "Informatica" as the display name, and then click Next.
Click AD FS 2.0 profile as shown in the following image:
Click Next.
Skip the certificate configuration panel in the wizard.
Check Enable support for the SAML WebSSO protocol, and then enter the complete URL for the Administrator tool, as shown in the following image:
Click Next.
Enter "Informatica" in the Relying party trust identifier field. Click Add, and then click Next.
Select Permit all users to access the relying party as shown in the following image:
Click Next.
Check Open the Edit Claim Rules dialog for this relying party trust when the wizard closes as shown in the following image:
Click Close.
The Edit Claim Rules for Informatica dialog box appears.
Click Add Rule.
The Add Transform Claim Rule Wizard opens.
Select Send LDAP Attributes as Claims from the menu, as shown in the following image:
Click Next.
Enter any string as the claim rule name, as shown in the following image:
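
The relying party trust steps above (display name, SAML WebSSO endpoint, identifier, permit all users) can also be scripted with the AD FS PowerShell cmdlets. This is an added example, not part of the Informatica documentation. `$AdminToolUrl` is a placeholder for the complete Administrator tool URL, and the read-back checks at the end are an assumption about what is worth verifying, using case-sensitive comparisons because AD FS treats all strings as case sensitive.

```powershell
# Added example: scripted equivalent of the Add Relying Party Trust wizard steps.
# Run in an elevated PowerShell session on the AD FS server.
# Placeholder (assumption): replace with the complete Administrator tool URL.
$AdminToolUrl = 'https://<gateway-host>:<port>/<administrator-tool-path>'
$TrustName    = 'Informatica'   # display name entered in the wizard
$Identifier   = 'Informatica'   # relying party trust identifier (case sensitive)

# AD FS 2.0 ships its cmdlets as a snap-in; later versions load them as a module.
if (-not (Get-Command Add-ADFSRelyingPartyTrust -ErrorAction SilentlyContinue)) {
    Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction Stop
}

# Stop if a trust already exists whose name or identifier differs only by case.
$existing = Get-ADFSRelyingPartyTrust | Where-Object {
    $_.Name -ieq $TrustName -or $_.Identifier -icontains $Identifier
}
if ($existing) { throw "A relying party trust matching '$TrustName' already exists." }

# "Enable support for the SAML WebSSO protocol" = a POST assertion consumer endpoint.
$endpoint = New-ADFSSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' `
    -Uri $AdminToolUrl

# "Permit all users to access the relying party" as an issuance authorization rule.
$permitAll = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

Add-ADFSRelyingPartyTrust -Name $TrustName -Identifier $Identifier `
    -SamlEndpoint $endpoint -IssuanceAuthorizationRules $permitAll

# Read the trust back and compare what AD FS stored, byte for byte.
$rp  = Get-ADFSRelyingPartyTrust -Name $TrustName
$loc = $rp.SamlEndpoints | ForEach-Object {
    if ($_.Location -is [uri]) { $_.Location.OriginalString } else { [string]$_.Location }
}

$report = New-Object PSObject -Property @{
    IdentifierExact    = [bool]($rp.Identifier -ccontains $Identifier)
    EndpointExact      = [bool]($loc -ccontains $AdminToolUrl)
    EndpointUsesHttps  = [bool]($loc -like 'https://*')
    Enabled            = $rp.Enabled
    # The wizard's certificate panel was skipped, so no encryption certificate is expected.
    AssertionEncrypted = ($rp.EncryptionCertificate -ne $null)
}
$report | Format-List
```

With the certificate panel skipped, `AssertionEncrypted` reports `False`, so the token is protected in transit only by TLS on the endpoint URL; `EndpointUsesHttps` should therefore be `True`.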