Configure and Set Up SSO Integration with ADFS 2.0
The attached guide describes the procedure to integrate the Single-Sign-On feature of Documoto for a tenant using Microsoft Active Directory Domain Services (AD) for user account management and Active Directory Federation Services (ADFS) 2.0 for federated access control. This configuration will allow users who are logged in to the AD Domain in your enterprise to access the Documoto service without re-authenticating. Once configured, access to the Documoto system is managed by using the standard Active Directory tools in the tenant environment without needing to manually update user records in the Documoto application.
Note: Microsoft Windows Server 2008 R2 includes ADFS 1.0. If you have ADFS 1.0, you must uninstall it and then download and install ADFS 2.0 from this link: http://www.microsoft.com/en-us/download/details.aspx?id=10909.
Note: Extended ADFS 2.0 configuration guides may be found on Microsoft TechNet. A deployment guide for AD FS 2.0 is here: http://technet.microsoft.com/en-us/library/dd807092(v=ws.10).aspx.
In those guides and in this document, the following nomenclature is used:
Account Partner: This is you (the Documoto tenant).
Resource Partner: The service you are connecting to (Documoto).
Note: This documentation assumes that you are configuring federated access to the production Documoto system (documoto.digabit.com). You may use these same instructions to configure access to the Integration server for testing by replacing all occurrences of documoto.digabit.com with integration.digabit.com.
The following diagram displays the main conceptual features of this configuration.
It is possible to install ADFS and AD on the same server if required.
Download the attached document to view the rest of this article.