Difference between revisions of "SSO/Office365"

From UmsWiki
Line 17: Line 17:
 
*Delete all info under '''Identifier (Entity ID)'''
 
*Delete all info under '''Identifier (Entity ID)'''
 
*Open SQL Management Studio on the UMS Server and connect to the database
 
*Open SQL Management Studio on the UMS Server and connect to the database
** Run this SQL Command
+
**Run this SQL Command
*** Update UMSWebGeneralSettings Set SetSSO = 1
+
***Update UMSWebGeneralSettings Set SetSSO = 1
* Login to UMS web
+
*Login to UMS web
** You will be redirected to SSO setup
+
**You will be redirected to SSO setup
**  
+
***Click '''Add,''' enter a name and click '''Create'''
* Open UMS '''Configurator''' program
+
***Choose the name in the drop down and click '''Edit'''
 +
***Click '''Add''' under the section '''Create new Single Sign On'''
 +
****Choose '''Azure AD''' in the '''Type''' drop down
 +
****In the boxes '''Name''', '''SingleSignOnServiceUrl''' and '''SingleLogoutServiceUrl''' replace '''{appId}''' with the application id of your Enterprise application
 +
****The '''LocalCertificateFile''' must be entered with a PFX certificate. This file must be placed in the root directory of your UMS Academic installation (Normally C:\inetpub\wwwroot)
 +
****The '''LocalCertificatePassword''' must be entered to be able to read the PFX certificate
 +
****The '''PartnerCertificateFile''' is a certificate the is generated during setup in portal.  This file must be placed in the root directory of your UMS Academic installation (Normally C:\inetpub\wwwroot)
 +
**
 +
*Open UMS '''Configurator''' program
 
**Click '''Web Setup'''
 
**Click '''Web Setup'''
 
**Select '''General settings'''
 
**Select '''General settings'''
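Review bot: The added LocalCertificateFile step places a PFX, which holds the private key that LocalCertificatePassword unlocks, in the root directory of the installation (normally C:\inetpub\wwwroot) without saying how the file is kept from being served over HTTP. Add a line telling the reader to block the .pfx extension in IIS request filtering and to limit NTFS read access on the file to the application pool identity. The PartnerCertificateFile line reads "a certificate the is generated", which should be "that is generated", and the empty ** bullet added just before "Open UMS Configurator program" can be dropped.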

Revision as of 09:58, 20 May 2021

How to use Office 365 as login provider instead of Active Directory

You need to create an Enterprise application

Log in to portal.azure.com

  • Click New application
  • Click Create your own application
  • Enter a name
  • Choose Integrate any other application you don't find in the gallery (Non-gallery)
  • Click Create (This will also create an App registration)
  • Find Properties for the Enterprise application you just created
  • Set User assignment required? and Visible to users? to false
  • Click Save
  • Click Single sign-on
  • Click SAML
  • Click edit under Basic SAML Configuration
  • Delete all info under Identifier (Entity ID)
  • Open SQL Management Studio on the UMS Server and connect to the database
    • Run this SQL Command
      • Update UMSWebGeneralSettings Set SetSSO = 1
  • Log in to UMS web
    • You will be redirected to SSO setup
      • Click Add, enter a name and click Create
      • Choose the name in the drop down and click Edit
      • Click Add under the section Create new Single Sign On
        • Choose Azure AD in the Type drop down
        • In the boxes Name, SingleSignOnServiceUrl and SingleLogoutServiceUrl replace {appId} with the application id of your Enterprise application
        • The LocalCertificateFile must be entered with a PFX certificate. This file must be placed in the root directory of your UMS Academic installation (Normally C:\inetpub\wwwroot)
        • The LocalCertificatePassword must be entered to be able to read the PFX certificate
        • The PartnerCertificateFile is a certificate that is generated during setup in the portal. This file must be placed in the root directory of your UMS Academic installation (normally C:\inetpub\wwwroot)
  • Open UMS Configurator program
    • Click Web Setup
    • Select General settings
      • Select Azure AD in the Check login against drop down list
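
A pre-flight check for the two certificate files named in the steps above, as an added PowerShell example that is not part of the UMS documentation. The file names are placeholders, and the ACL check assumes English-language account names.

```powershell
# Added example: check the SSO certificate files before entering them in UMS web.
# The file names below are placeholders (assumptions), not UMS defaults.
$WebRoot     = 'C:\inetpub\wwwroot'
$PfxPath     = Join-Path $WebRoot 'ums-sso.pfx'          # LocalCertificateFile (placeholder name)
$PartnerPath = Join-Path $WebRoot 'azuread-partner.cer'  # PartnerCertificateFile (placeholder name)

function Test-SsoCertificate {
    param(
        [Parameter(Mandatory)][string]$Path,
        [securestring]$Password,
        [switch]$RequirePrivateKey
    )
    if (-not (Test-Path -LiteralPath $Path)) { "MISSING  $Path"; return }
    try {
        # Opening the PFX with the supplied password proves LocalCertificatePassword is correct.
        $type = [System.Security.Cryptography.X509Certificates.X509Certificate2]
        $cert = if ($Password) { $type::new($Path, $Password) } else { $type::new($Path) }
    } catch {
        "UNREADABLE  $Path : $($_.Exception.Message)"; return
    }
    $now = Get-Date
    if ($cert.NotBefore -gt $now) { "NOT YET VALID  $Path (from $($cert.NotBefore))" }
    if ($cert.NotAfter -lt $now) {
        "EXPIRED  $Path (on $($cert.NotAfter))"
    } elseif ($cert.NotAfter -lt $now.AddDays(30)) {
        "EXPIRES SOON  $Path (on $($cert.NotAfter))"
    }
    # The local PFX must carry a private key; the partner certificate must not.
    if ($RequirePrivateKey -and -not $cert.HasPrivateKey) { "NO PRIVATE KEY  $Path" }
    if (-not $RequirePrivateKey -and $cert.HasPrivateKey) { "UNEXPECTED PRIVATE KEY  $Path" }

    # The files sit in the web root, so flag allow rules for broad groups.
    # Assumption: English account names; localized systems use other names.
    $broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
    (Get-Acl -LiteralPath $Path).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and $broad -contains $_.IdentityReference.Value } |
        ForEach-Object { "BROAD ACL  $Path accessible to $($_.IdentityReference.Value)" }
}

$pfxPassword = Read-Host -Prompt 'LocalCertificatePassword' -AsSecureString
$findings = @(
    Test-SsoCertificate -Path $PfxPath -Password $pfxPassword -RequirePrivateKey
    Test-SsoCertificate -Path $PartnerPath
)
if ($findings) { $findings; exit 1 } else { 'Both certificate files look usable.' }
```

Run it in an elevated PowerShell session on the UMS server; any line it prints names a file and the condition to fix before completing the SSO setup form.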


Reset password for others

  • Go to Azure Active Directory
  • Click Roles and administrators
  • Find Password administrator
  • Click Add assignments
  • Find the name of the Enterprise application you created earlier
  • Select it and click Add