Twobo LDAP Attribute Store for ADFS
Twobo Technologies
1.
Twobo LDAP Attribute Store for ADFS
Using ADFS with LDAP servers that don’t support Windows authentication
Copyright © 2013 Twobo Technologies AB. All rights reserved
2.
Agenda
- Limitations and restrictions of ADFS 2
- Possible workarounds
- Alternatives
  - Open source
  - From Twobo
- Installation and use
3.
Restrictions in ADFS 2
- Out-of-the-box LDAP attribute store requires Windows authentication
- “When you work with other Lightweight Directory Access Protocol (LDAP)-based attribute stores [besides AD], you must connect to an LDAP-capable server that supports Windows Integrated Authentication” -- TechNet (http://bit.ly/1bWt3rn)
4.
Workarounds
1. Enable Windows Authentication on the LDAP server
2. Connect ADFS to some other IP-STS and use ADFS as an FPSTS only
3. Use an alternative LDAP attribute store that supports other authentication schemes
5.
Open Source LDAP Attribute Stores
- A few open source options available
- Limited features (purpose built)
- Limited testing
- Unproven
- Undocumented
- Unsupported
- None with communities
6.
Twobo LDAP Attribute Store
- Supports simple and anonymous bind
- Supports multi-value attributes
- Supports decoding binary data fields based on various encodings
- Supports LDAPS
- Works with ADFS 2.0 and 2.1
- Better documentation
- Rule-specific scope and search base
- Commercially supported by a security company
7.
Configuration
- Normal attribute store configuration
  - Use ADFS cmdlets
  - Use ADFS Management Console
8.
Configuration Options

Setting        Description
servername*    Name or IP of LDAP server
defaultRoot*   Default search location
port           Port of LDAP server
defaultScope   Default search scope
secured        Use of LDAP or LDAPS
password       Password used when binding
username       Username used when binding
encoding       Code page to use when decoding binary data
9.
Using the Attribute Store
- Use with custom rules wherever ADFS allows (issuance, authorization, etc.)
10.
Typical Issuance Rule

    c:[Type == "http://schemas.xmlsoap.org/.../upn"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uid",
              param = c.Value);

Callouts on the slide:
- Input claim (the c:[...] condition)
- Store name (store)
- Output claims (types)
- LDAP filter and Attributes in LDAP (the two parts of query)
- Substitution value (param)
11.
When User IDs Don’t Match
1. Add a new input claim from AD
12.
When User IDs Don’t Match
2. Derive it using an “add” rule followed by an “issue”
13.
Example of an “Add” Rule

    c:[Type == "http://schemas.microsoft.../windowsaccountname"]
     => add(Type = "_uname",
            Issuer = c.Issuer,
            OriginalIssuer = c.OriginalIssuer,
            Value = regexreplace(c.Value, "(?<domain>[^\\]+)\\(?<user>.+)", "${user}"),
            ValueType = c.ValueType);
14.
Example of an “Add” Rule

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uid",
              param = c.Value);
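The "add" then "issue" pair above, worked through outside ADFS as an added example (not code from the slides or from Twobo): it shows which value ends up as _uname, and therefore in the uid={0} filter, for several account-name shapes. Assumptions: the function names and sample account names are constructed, the substitution is treated as a plain {0} replacement, and the RFC 4515 escaping step shows what a well-formed filter value looks like; the slides do not say whether the store escapes the substituted value itself.

```powershell
# Added example. Function names and sample inputs are constructed for illustration.

# Pattern and replacement of the "add" rule. ADFS regexreplace uses .NET regular
# expressions, so [regex]::Replace evaluates them the same way the rule does.
$Pattern     = '(?<domain>[^\\]+)\\(?<user>.+)'
$Replacement = '${user}'

function Get-UnameClaim {
    param([string]$WindowsAccountName)
    # If the pattern does not match, Replace returns the input unchanged,
    # so a value without a backslash flows into _uname as-is.
    [regex]::Replace($WindowsAccountName, $Pattern, $Replacement)
}

function ConvertTo-LdapFilterValue {
    param([string]$Value)
    # RFC 4515 escaping of filter metacharacters. The backslash is replaced
    # first so the escapes added afterwards are not escaped a second time.
    $Value.Replace('\', '\5c').
           Replace('*', '\2a').
           Replace('(', '\28').
           Replace(')', '\29').
           Replace([string][char]0, '\00')
}

function Get-IssueRuleFilter {
    param([string]$Uname)
    # Filter part of the issue rule's query ("uid={0}") with param = c.Value.
    # Assumption: {0} is substituted the way a .NET format string would be.
    'uid={0}' -f (ConvertTo-LdapFilterValue $Uname)
}

# Constructed sample values for the windowsaccountname claim.
$samples = @(
    'CORP\alice'              # usual DOMAIN\user form
    'alice@corp.example.com'  # UPN form: no backslash, pattern does not match
    'CORP\sub\bob'            # second backslash stays inside the user part
    'CORP\j.doe(admin)'       # parentheses are filter syntax in LDAP
)

foreach ($name in $samples) {
    $uname = Get-UnameClaim $name
    [pscustomobject]@{
        WindowsAccountName = $name
        Uname              = $uname
        DomainStripped     = ($uname -ne $name)
        LdapFilter         = Get-IssueRuleFilter $uname
    }
}
```

Rows where DomainStripped is False are the ones to look at: the full input claim value, not a bare user ID, is what the issue rule would search for.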
15.
Example of Non-default Base and Scope

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uidou=People,dc=example,dc=comSubtree",
              param = c.Value);

Callouts on the slide:
- Rule-specific search base
- Rule-specific search scope
16.
Example of Retrieving a Distinguished Name

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}distinguishedName",
              param = c.Value);

Distinguished name can be treated as an attribute though it is not; “dn” works as well.
17.
Tested Systems

LDAP Servers
- OpenLDAP using anonymous bind and simple bind with and without SSL (on Linux)
- AD LDS using simple bind (on W2K8 R2)
- Siemens DirX Directory using simple bind with and without SSL (on *NIX)
- ApacheDS using simple bind (on Linux)

ADFS
- 2.0
- 2.1
18.
Questions & Thanks
@2botech
www.2botech.com