Configuring HMP SSO with AD FS
Single Sign-On with AD FS requires configuring the AD FS server and the HMP server concurrently. It is important to note that each configuration is unique to its environment, and additional steps may be necessary.
The requirements are generally as follows:
- HMP user or groups that have credentials in AD FS.
An admin user with administrative access to AD FS and HMP.
Note
The HMP admin user must have the same email address as the corresponding Active Directory user. In version 2.6 (and earlier) of HMP, the email addresses must be a case-sensitive match.
- Your enterprise SSO system uses Windows Server 2008 or higher, Active Directory Domain Services (AD DS), and Active Directory Federation Services (AD FS) version 2.0 or greater.
Note
For mobile and other external users, an AD FS proxy server is recommended for single sign-on authentication to HMP (not covered in this document).
The procedure consists of the following steps:
- Gather the HMP parameters needed to configure AD FS.
- Configure AD FS to enable SSO for HMP.
- Gather the AD FS parameters needed and configure HMP to authenticate users via SSO.
- Test the SSO access to HMP.