Twobo LDAP Attribute Store for ADFS
Twobo Technologies
1. Twobo LDAP Attribute Store for ADFS
Using ADFS with LDAP servers that don’t support Windows authentication
Copyright © 2013 Twobo Technologies AB. All rights reserved
2. Agenda
- Limitations and restrictions of ADFS 2
- Possible workarounds
- Alternatives
- Open source
- From Twobo
- Installation and use
3. Restrictions in ADFS 2
- Out-of-the-box LDAP attribute store requires Windows authentication
- “When you work with other Lightweight Directory Access Protocol (LDAP)-based attribute stores [besides AD], you must connect to an LDAP-capable server that supports Windows Integrated Authentication” -- TechNet (http://bit.ly/1bWt3rn)
4. Workarounds
   1. Enable Windows Authentication on the LDAP server
   2. Connect ADFS to some other IP-STS and use ADFS as an FP-STS only
   3. Use an alternative LDAP attribute store that supports other authentication schemes
5. Open Source LDAP Attribute Stores
- A few open source options available
- Limited features (purpose built)
- Limited testing
- Unproven
- Undocumented
- Unsupported
- None with communities
6. Twobo LDAP Attribute Store
- Supports simple and anonymous bind
- Supports multi-value attributes
- Supports decoding binary data fields based on various encodings
- Supports LDAPS
- Works with ADFS 2.0 and 2.1
- Better documentation
- Rule-specific scope and search base
- Commercially supported by a security company
7. Configuration
- Normal attribute store configuration
- Use ADFS cmdlets
- Use ADFS Management Console
8. Configuration Options

Setting         Description
servername*     Name or IP of LDAP server
defaultRoot*    Default search location
port            Port of LDAP server
defaultScope    Default search scope
secured         Use of LDAP or LDAPS
password        Password used when binding
username        Username used when binding
encoding        Code page to use when decoding binary data
9. Using the Attribute Store
- Use with custom rules wherever ADFS allows (issuance, authorization, etc.)
10. Typical Issuance Rule

    c:[Type == "http://schemas.xmlsoap.org/.../upn"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uid",
              param = c.Value);

Callouts on the slide: Input claim (the c:[...] condition); Store name (store); Output claims (types); LDAP filter and Attributes in LDAP (query); Substitution value (param).
11. When User IDs Don’t Match
    1. Add a new input claim from AD
12. When User IDs Don’t Match
    2. Derive it using an “add” rule followed by an “issue”
13. Example of an “Add” Rule

    c:[Type == "http://schemas.microsoft.../windowsaccountname"]
     => add(Type = "_uname",
            Issuer = c.Issuer,
            OriginalIssuer = c.OriginalIssuer,
            Value = regexreplace(c.Value, "(?<domain>[^\\]+)\\(?<user>.+)", "${user}"),
            ValueType = c.ValueType);
14. Example of an “Add” Rule

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uid",
              param = c.Value);
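
The two rules above first strip the domain from the Windows account name and then substitute the result for {0} in the LDAP filter. The Python below is an added example, not part of the slides or of Twobo's code: it reproduces the regexreplace step and escapes the value per RFC 4515 before it enters the filter. The function names and sample values are constructed, and the slides do not say whether the attribute store escapes the value itself, so the escaping step is an assumption about safe substitution.

```python
import re

# Same pattern as the "add" rule's regexreplace: DOMAIN\user -> user.
_DOMAIN_USER = re.compile(r"(?P<domain>[^\\]+)\\(?P<user>.+)")

# RFC 4515, section 3: characters that must be written as \XX inside a
# filter assertion value so they are matched literally.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def derive_uname(windows_account_name: str) -> str:
    """Mimic regexreplace(c.Value, pattern, "${user}").

    As with .NET Regex.Replace, a value that does not match the pattern is
    returned unchanged, so an unqualified name or a UPN passes straight
    through to the next rule.
    """
    return _DOMAIN_USER.sub(lambda m: m.group("user"), windows_account_name)


def escape_filter_value(value: str) -> str:
    """Escape a claim value for use as an LDAP filter assertion value."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_filter(template: str, claim_value: str) -> str:
    """Substitute the escaped claim value for {0} in the rule's filter."""
    return template.replace("{0}", escape_filter_value(claim_value))


def run_chain(values, template="uid={0}"):
    """Apply the add rule, then the filter substitution, to each value."""
    return [(v, build_filter(template, derive_uname(v))) for v in values]


# Constructed sample claim values (not from the slides).
SAMPLE_CLAIMS = [
    "EXAMPLE\\alice",              # usual DOMAIN\user form
    "alice",                       # no domain part: left unchanged
    "alice@example.com",           # UPN form: left unchanged
    "EXAMPLE\\a*",                 # wildcard must not widen the search
    "EXAMPLE\\smith (contractor)", # parentheses must not alter the filter
]

if __name__ == "__main__":
    for raw, ldap_filter in run_chain(SAMPLE_CLAIMS):
        print(f"{raw!r:32} -> {ldap_filter}")
```
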
15. Example of Non-default Base and Scope

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}mail,uidou=People,dc=example,dc=comSubtree",
              param = c.Value);

Callouts on the slide: Rule-specific search base (ou=People,dc=example,dc=com); Rule-specific search scope (Subtree).
16. Example of Retrieving a Distinguished Name

    c:[Type == "_uname"]
     => issue(store = "2BOLDAP",
              types = ("http://schemas.xmlsoap.org/.../emailaddress",
                       "http://schemas.xmlsoap.org/.../privatepersonalidentifier"),
              query = "uid={0}distinguishedName",
              param = c.Value);

Distinguished name can be treated as an attribute though it is not; “dn” works as well.
17. Tested Systems
LDAP Servers
- OpenLDAP using anonymous bind and simple bind with and without SSL (on Linux)
- AD LDS using simple bind (on W2K8 R2)
- Siemens DirX Directory using simple bind with and without SSL (on *NIX)
- ApacheDS using simple bind (on Linux)
ADFS
- 2.0
- 2.1
18. Questions & Thanks
@2botech
www.2botech.com