Solved

ADFS 2.0 with Salesforce Setup

Posted on 2012-03-20
3
984 Views
Last Modified: 2016-02-16
Hi Experts,

I'm trying to install and configure ADFS 2.0 to work with our Salesforce devbox.  I've followed the steps here:   http://wiki.developerforce.com/page/Single_Sign-On_with_Force.com_and_Microsoft_Active_Directory_Federation_Services

Broadly speaking I have done the following:

1.

Setup a Server 2008 Ent server, installs IIS and created a self signed cert:  hostname.<org>.local

2.

Installed ADFS 2.0 and run through the initial config wizard.  Chose the self signed certificate and set up a stand alone server farm.  No errors or warnings were displayed during configuration.

3.

Set up the correct details in the Saleforce SSO config and downloaded the metadata file.

4.

Set up a relying party trust on the ADFS server as directed and set my UPN against my Salesforce user account.
At this point I'm trying to use the SAML validator and I get the following:

 samlValidator.JPG
If I try to go to my server and log in through there I get the following:

samlLogin.JPG
I seem to be most of the way but not sure if there is a permission setting that needs changing in ADFS/IIS (which I would assume should me managed) or I've missed something out.

Any Ideas?

UPDATE:
If I log on with my local AD credentials I get the following:

certError.JPG
0
Comment
Question by:ImaCircularSaw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
TheBinaryMan earned 500 total points
ID: 37817752
Hi,
 Here are a few suggestions for settings inside of your Salesforce/Force.com instance to help you with the Salesforce side of things.

Sign in normally (via the web page) to your Salesforce/Force.com instance.  By the way you will need to be an Administrator for your Salesforce/Force.com instance.

In Salesforce/Force.com go to:
1.) Username>Setup   -So you can see the Administration Setup on the lower left hand side.
2.) Security Controls>Single Sign On Settings>Edit>(Check the box & Save)
3.) Security Controls>Network Access>New>Insert your public facing IP address.(from step a. below and definetely add your IP address for the server that needs to exchange info with Salesforce)  This will stop the Salesforce instance from requiring the extra token.

To get your current ip address.  Go to:
a.)Adminsitration Setup>Manage Users>Login History>write down or copy your Source IP

Just a few extra ideas that may help you with authenticating.
0
 
LVL 10

Author Comment

by:ImaCircularSaw
ID: 37881039
Solution was to contact Salesforce and get the organisation enabled for SSO.
0
 
LVL 10

Author Closing Comment

by:ImaCircularSaw
ID: 37881045
Worth while suggestions but not the solution.
0

Featured Post

Tutorials alone can't teach real engineering

So we built better training tools.

-Hands-on Labs
-Instructor Mentoring
-Scenario-Based Tests
-Dedicated Cloud Servers

All at your fingertips. What are you waiting for?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many CHPs use the buzzword ‘Cloud Hosting’ to sell the idea of reliability. Most consumers have the opinion that cloud hosting is easily scalable and can handle just about anything. Further, most CHPs are not transparent and hide the underlying arch…
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question