Office 365 SAML - Test domain configuration

By: Craig Harrison user 04 Nov 2017 at 4:33 a.m. CDT

9 Responses
Craig Harrison gravatar
Hi, I am in the process of creating a test environment of Gluu. I have configured Gluu to point to test AD environment and I am in currently trying to configure SAML configuration for our test Office 365 domain for email. Currently when I try to log in with a test account Gluu is authenticating users according to logs and the relevent attributes are being passed through however it does not log me into Office 365, it seems to just send me back to the log in page, any idea pointers would be great. Thanks
Ubuntu 16.04
closed

Answers

By Mohib Zico staff 04 Nov 2017 at 4:35 a.m. CDT

Copy
Mohib Zico gravatar
Hello Craig, Is nameID being released from Gluu Server?

By Craig Harrison user 07 Nov 2017 at 5:23 a.m. CST

Copy
Craig Harrison gravatar
Hi, I have managed to get this working however I cannot sign in to Office applications and also on Apps on devices such as Android and IOS mobiles. Do you have any information regarding this? Thanks

By Mohib Zico staff 07 Nov 2017 at 6:05 a.m. CST

Copy
Mohib Zico gravatar
Without log it's impossible to troubleshoot, sorry.

By Craig Harrison user 13 Nov 2017 at 2:36 a.m. CST

Copy
Craig Harrison gravatar
Hi, which log would you need? Authentication to Office 365 using SAML is working through a webpage however it does not seem to work with rich applications or mobile apps. If you can point me in the right direction for configuring this that would be great. Thanks

By Mohib Zico staff 15 Nov 2017 at 6:30 a.m. CST

Copy
Mohib Zico gravatar
Hello Craig, You might need to configure ECP profile, however please feel free to compare your setup with our updated O365 [doc](https://gluu.org/docs/ce/3.1.1/integration/saas/office/).

By Craig Harrison user 16 Nov 2017 at 4:12 a.m. CST

Copy
Craig Harrison gravatar
Thanks for getting back to me, can a ECP profile be configured through the Gluu GUI? if not can you direct me to the location of the configuration files for this. Thanks

By Mohib Zico staff 16 Nov 2017 at 4:40 a.m. CST

Copy
Mohib Zico gravatar
>> can a ECP profile be configured through the Gluu GUI? No. >> if not can you direct me to the location of the configuration files for this. I think you will get lot of sample configurations in internet, we just need to make sure one thing... Gluu's shibboleth configurations are loading from velocity templates ( /opt/gluu/jetty/identity/conf/shibboleth/idp/ ) and placing them inside /opt/shibboleth-idp/conf/ with values. Whatever we do in Gluu server configuration, we need to talk to velocity templates first.

By Craig Harrison user 20 Nov 2017 at 5:03 a.m. CST

Copy
Craig Harrison gravatar
Hi, I noticed in your new SaaS Office 365 documentation you mention the use of ADFS acting as a service provider to the Gluu Server. Please can you provide more information regarding this? I understand that this would provide the mechanism for rich clients to authenticate however we initially wanted to use Gluu as our only SSO system allowing use to move away from ADFS but this seems to not be the case. Thanks

By Mohib Zico staff 20 Nov 2017 at 5:09 a.m. CST

Copy
Mohib Zico gravatar
Unfotunately we can't achieve SSO of any MS product without ADFS or Azure. I agree this is a pain but thats how they designed it in my experience.

Post an answer