SSO

From UmsWiki
Revision as of 07:26, 11 September 2017 by Tod (talk | contribs)
Jump to navigation Jump to search

Our Single Sign-on (SSO) module is designed for schools that would like to make it easy for employees and students to use the school's various electronic systems. With the SSO module, users get one login and password that logs them into all the associated services at once.

For example, students can Access the school's LMS system, library system, digital dictionaries and databases with scientific publications - all by signing in with SSO once and for all.

This saves time and effort whenever users need to use one of the school's systems. At the same time, it gives users a simpler everyday life because they do not have to worry about having to keep in mind several logins.

Prerequisite and purpose

Prerequisite

This requires that:

  • An installed Active Directory federation services (AD FS) server.
  • Access to configuration snap in. Either via Remote PowerShell or directly on the server.
  • An UMS installation, licensed to SSO from inLogic.
  • A star or new certificate for the address that the AD FS server needs.

purpose

Installation

Installation

Changing the Self Signed Certificate in SSO.

  1. Get started by clicking on the house icon in the menu. Search for IIS and click on Internet Information Services (IIS) Manager.
  2. In the Connections column on the left, click on the name of the server. Double-click on Server Certificates.
  3. In the Actions column on the right, click on Create Self-Signed Certificate...
  4. Enter any friendly name and then click OK.
  5. You will now have an IIS Self Signed Certificate valid for 1 year listed under Server Certificates.
  6. Right click on the new create certificate and then click Export.
  7. Remember to delete the old self signed certificate (C:\inetpub\wwwroot).
  8. Enter the path (C:\inetpub\wwwroot\UMS-SSO). The new password you type will be used later on when you set up your environment. Please remember this password. Click OK.
  9. Open SQl Management Studio and type “select * from SSOSetting”. You will see all settings for UMS SSO.
  10. Update the Certificate by typing “update SSOSetting set LocalCertificateFile ='UMS-SSO.pfx'”
  11. Update the Password by typing “update SSOSetting set LocalCertificatePassword ='Velk0mmen2018'”.
  12. Open the IIS Server and click Start. Click Run type IISReset and then click OK.
  13. Open the AD FS Server and search for AD FS. Click on AD FS Management.
  14. Click on the Trust Relationships folder and then click on Relying Party Trusts.
  15. In the details panel, click the relying party trust that you want to update from federation metadata.
  16. In the Action panel, click Update from Federation Metadata.
  17. In the properties dialog box for the trust, click Update to start the update.
  18. When the update is complete, click OK.

Final

Retrieved from "http://wiki.inlogic.dk/index.php?title=SSO&oldid=777"