
How do you set up SSO with Active Directory using SAML?

Authors list
  • Ester Andersson
  • David Berg

Step 1 – Contact Learnifier

Contact support@learnifier.com and let us know that you want to set up SSO with Active Directory. We will then give you a customer-specific metadata URL for you to use.

*Note: We recommend that you use AD FS 3.0 (included in Windows 2012R2) or later.*

Step 2 – Adding Learnifier as a Relying Party Trust in AD FS

Start the AD FS Management tool under Administrative Tools.

Select the Trust Relationships folder, right-click it and select Add Relying Party Trust.

https://learnifier.intercom-attachments-1.com/i/o/531050754/a1d425aec2c8445530097ac5/saml2012r2_012.png

On the Welcome to the Add Relying Party Trust Wizard page, click Start.

Make sure that the "Import data about the relying party published online or on a local network" button is selected.

Enter the customer-specific metadata URL you received from Learnifier. In this picture, for example, you would enter "https://service.learnifier.com/auth_saml/saml/metadata" in the field.

https://learnifier.intercom-attachments-1.com/i/o/531050777/966b2c47a14370b943ac0935/saml2012r2_014.png

Edit the display name and notes if you like. When finished, click Next.

https://learnifier.intercom-attachments-1.com/i/o/531050806/27d9be4576a124802436ba85/saml2012r2_023.png

On this page, select to not use MFA.

https://learnifier.intercom-attachments-1.com/i/o/531050824/b217aa60b4a96bd919c4de8b/saml2012r2_016.png

On this page, permit all users to access Learnifier.

https://learnifier.intercom-attachments-1.com/i/o/531050830/4600c77ac57069ef53f87dc8/saml2012r2_017.png

On this page, simply click Next.

https://learnifier.intercom-attachments-1.com/i/o/531050842/8619f73b2836770224eb9399/saml2012r2_018.png

Make sure that the checkbox is marked and click Close.

https://learnifier.intercom-attachments-1.com/i/o/531050850/a0924782f2f191f839ab958a/saml2012r2_019.png

Click on “Add Rule”.

https://learnifier.intercom-attachments-1.com/i/o/531050860/150543568319aa6aab6a592f/saml2012r2_020.png

Select Send LDAP Attributes as Claims.

https://learnifier.intercom-attachments-1.com/i/o/531050873/d343b8ee40eccb2fc34e8e3d/saml2012r2_021.png

Enter “Learnifier Claims” as the Claim rule name. Make sure that the Attribute Store is Active Directory and add the values according to the screenshot.

https://learnifier.intercom-attachments-1.com/i/o/531050885/76d4ebfabb3ce85cb3537760/saml2012r2_022.png

Step 3 – Contact Learnifier

Contact your representative and provide him/her with the URL of the SAML metadata for your Active Directory Federation Services. If the login web server / AD FS is reachable under https://login.example.com the metadata is usually available at https://login.example.com/FederationMetadata/2007-06/FederationMetadata.xml. The link must be an HTTP link and the server must be reachable from the public internet.

You should receive a response shortly afterwards confirming that the connection is established.

Troubleshooting

Make sure that the Secure hash algorithm is set to SHA-256 (available under the Advanced tab) in the created Relying Party Trust.
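
The same check, together with the other settings from Step 2, can be run from PowerShell on the AD FS server. This is an added example, not part of Learnifier's instructions; the trust display name "Learnifier" is an assumption, so use the name you chose in the wizard.

```powershell
# Added example: audit the relying party trust created in Step 2.
# Run in an elevated PowerShell session on the AD FS server.
# Assumption: the display name chosen in the wizard was "Learnifier".
$TrustName = 'Learnifier'
$Sha256Uri = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
$FixHash   = $false   # set to $true to switch the trust to SHA-256

Import-Module ADFS -ErrorAction Stop

$trust = Get-AdfsRelyingPartyTrust -Name $TrustName
if (-not $trust) {
    throw "No relying party trust named '$TrustName' was found."
}

# Each entry maps a setting from this article to a pass/fail result.
$checks = [ordered]@{
    'Trust is enabled'                       = ([bool]$trust.Enabled)
    'Secure hash algorithm is SHA-256'       = ($trust.SignatureAlgorithm -eq $Sha256Uri)
    'Metadata URL uses https'                = ("$($trust.MetadataUrl)" -like 'https://*')
    'Claim rule "Learnifier Claims" present' = ($trust.IssuanceTransformRules -match '@RuleName\s*=\s*"Learnifier Claims"')
}

$failed = 0
foreach ($check in $checks.GetEnumerator()) {
    if ($check.Value) { $status = 'OK  ' } else { $status = 'FAIL'; $failed++ }
    Write-Output "[$status] $($check.Key)"
}

# Optional remediation for the troubleshooting item above.
if ($FixHash -and $trust.SignatureAlgorithm -ne $Sha256Uri) {
    Set-AdfsRelyingPartyTrust -TargetName $TrustName -SignatureAlgorithm $Sha256Uri
    Write-Output "Secure hash algorithm changed to SHA-256 for '$TrustName'."
}

Write-Output "$failed check(s) failed."
```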
