Shibboleth v4 Upgrade Guidance
Regardless of the platform you use, keeping current on your Identity Provider (IdP) software is a vital factor in your organization’s security practices. This guidance highlights upcoming end-of-support in December 2020 for Shibboleth IdPs older than v4.0.1 and aims to … Read More
The ADFSToolkit functionality has been added to the CAF Federated Identity Management (FIM) service. The ADFSToolkit is a set of tools to augment existing ADFS Identity Provider installations and allows an existing ADFS Identity Provider to have an additional option for participation in FIM.
CANARIE has published the ADFSToolkit module in the Microsoft PowerShellGallery.
The key items enabled by the ADFSToolkit are:
- Retrieval and signature verification of the CAF FIM service trust records
- Ingestion of the entities into ADFS using the one-at-a-time trust relationship paradigm
- Automatic setting of attribute release policies for entity categories
- Site-specific additions of attribute releases on a per service basis
- Ability to keep current with the CAF FIM service trust records on an hourly basis by setting a scheduled job
- Ability to better diagnose problems
Using SAML Proxying in the Shibboleth IdP to Connect with Azure AD
You may find this solution here. It is a CANARIE contribution back to the international community.