Question

Laserfiche Cloud AD FS transition to AzureAD

asked on May 23, 2023

We have a client who uses Laserfiche Cloud and users are configured via AD FS. They need to transition all of their users from using AD FS to SAML with AzureAD. All of the users have been added and assigned to groups in AzureAD. They just need to move their SAML from AD Federated services to AzureAD. Is there any guidance Laserfiche can provide on how to accomplish this?

0 0

Answer

SELECTED ANSWER
replied on May 26, 2023

I assume you know how to Configure Single Sign-On with Azure Active Directory (AD) generally and are specifically asking about the transition aspect.

You can't have both configured at the same time, so make sure you have the AD FS configuration "backed up" somewhere in case you need to revert to it.

The most important thing is to ensure that the same value for FederatedID gets passed. By default, this is the SAML NameID. You can also specify a custom user identifying attribute. See: Configure Advanced SSO options in Laserfiche Cloud.

The FederatedID is the value used to map the SAML response to the Laserfiche Cloud user with an exact string match.

Next, make sure your Attribute Mappings are similarly aligned and that Azure AD is sending the same (relevant) values as AD FS.

The Group claim is especially important here. Do NOT assume that all relevant groups are being synchronized from on-prem AD to Azure AD (if on-prem AD groups are used for Federated Group mapping).

0 0
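A pre-cutover check for the points in the answer above, as an added example that is not part of the original post and not Laserfiche tooling: it compares a decoded SAML assertion captured from AD FS with one from Azure AD for the same test user and reports a FederatedID that would fail the exact string match, plus any group values the new IdP no longer sends. The attribute name `Group`, the user, and the group names are constructed assumptions; substitute the names from your own Attribute Mappings.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def claims(assertion_xml, id_attribute=None):
    """Return (federated_id, {attribute name: set of values}) for one assertion."""
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = {v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)}
        attrs.setdefault(attr.get("Name"), set()).update(values)
    if id_attribute:  # custom user identifying attribute instead of NameID
        ids = attrs.get(id_attribute, set())
        fed_id = next(iter(ids)) if len(ids) == 1 else None
    else:
        fed_id = root.findtext(".//saml:Subject/saml:NameID", namespaces=NS)
    return fed_id, attrs

def compare(old_xml, new_xml, group_attr, id_attribute=None):
    """List differences that would break user or group mapping after cutover."""
    old_id, old_attrs = claims(old_xml, id_attribute)
    new_id, new_attrs = claims(new_xml, id_attribute)
    findings = []
    if old_id is None or old_id != new_id:  # exact match: case and spaces count
        findings.append(f"FederatedID differs: {old_id!r} vs {new_id!r}")
    missing = old_attrs.get(group_attr, set()) - new_attrs.get(group_attr, set())
    findings += [f"group not sent by new IdP: {g!r}" for g in sorted(missing)]
    return findings

def sample(name_id, groups):
    """Build a constructed, unsigned assertion for the demonstration."""
    values = "".join(f"<saml:AttributeValue>{g}</saml:AttributeValue>" for g in groups)
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f"<saml:NameID>{name_id}</saml:NameID></saml:Subject>"
            f'<saml:AttributeStatement><saml:Attribute Name="Group">{values}'
            "</saml:Attribute></saml:AttributeStatement></saml:Assertion>")

ADFS = sample("jdoe@example.com", ["LF-Editors", "LF-Admins"])  # constructed
AZURE = sample("JDoe@example.com", ["LF-Editors"])              # constructed

if __name__ == "__main__":
    for finding in compare(ADFS, AZURE, group_attr="Group"):
        print(finding)
```

The script only reads claims from assertions you captured yourself for a test user; it does not verify signatures and is not a substitute for the service provider's own validation.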
replied on May 30, 2023

Thank you @████████!

1 0
