Instructions for AD FS 2.x

Am I able to use ADFS 2.X for single sign-on?

AD FS 2.X is one of the options we have for single sign-on.
  • Here's the Process:
  1. Open AD FS management console.
  2. Navigate to Trust Relationships, Relying Party Trusts.
  3. Select Add Relying Party Trust from the menu on the right.
  4. Select Enter data about the relying party manually
  5. Click next and choose a Display Name to use on your SSO pages along with a description.
  6. Click Next. Choose AD FS Profile.
  7. Click Next
  8. Click Next. Do not choose any additional options under Configure URL
  9. Click Next. Add https://purelyhr.com/ as the Relying trust identifier.
  10. Click next. Choose Permit all users to access this relying party (other options are outside of the scope of this document).
  11. Click Next.
  12. Click Next. Unselect the Open the Edit Claim Rules dialogue for this relying party trust when the wizard closes.
  13. Click Close. Select the properties of the Relying Party Trust you just created. Navigate to the Signature tab.
  14. Click Add and import the x.509 certificate that you added to your Purelyhr SSO settings. Select the Advanced Tab.
  15. Change the Secure hash algorithm to SHA-1 and click ok. Select Edit Claim Rules.
  16. Click Add Rule from Issuance Transform Rules (Usually email, firstname, and lastname) 
  17. Select Send LDAP Attributes as Claims.
  18. Click Next.