07-25-2018 03:24 AM
Hi,
I have 2 questions regarding AD FS and how the users will synch from the AD to OnBase.
Q1
After configuration everything following the document "Integration for Microsoft Active Directory Deferated Services (AD FS) White Paper for OnBase 14 and higher" I didn't see any configuration needed in the Configuration like I could do for "Active Directory - Basic / Enhanced".
So is it correct to assume that except creating matching OnBase Groups with the same name as the security groups from the AD I don't have anything else to do ?
Q2
I didn't find anything on how does the users synch. with OnBase. Is it on the first login that the user will be created in OnBase Configuration ? Do we need to create all users in Configuration ?
I'm sorry if the questions are obvious but I can't find the informations !
Thanks for any and all help and feedback !
07-25-2018 04:44 AM
Hi Thibaud,
1. Correct, there are no configuration items in OnBase Configuration for ADFS. All configuration is done in web.config files.
2. Users are created on first login, and should be removed from groups in OnBase when the groups do not exist in the ADFS token, like if a user moves between departments. ADFS behaves exactly like Basic NT Authentication for group matching.
Mike
07-25-2018 04:44 AM
Hi Thibaud,
1. Correct, there are no configuration items in OnBase Configuration for ADFS. All configuration is done in web.config files.
2. Users are created on first login, and should be removed from groups in OnBase when the groups do not exist in the ADFS token, like if a user moves between departments. ADFS behaves exactly like Basic NT Authentication for group matching.
Mike
07-25-2018 05:39 AM
07-25-2018 05:51 AM
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.