locked
SharePoint 2013 published to UAG with ADFS and Active Directory requirements RRS feed

  • Question

  • We have a requirement to publish SharePoint 2013 on UAG.

    We have two end-user scenarios:

    1. External ADFS customers.

    2. External AD customers.

    Can one trunk have both authentication repositories and application configured for each or do I have to create two separate trunks?

    We are also using PerformancePoint dashboards and Analysis Services data that utilize AD Security Groups for the data that is presented.  Is there a way to map the SAML users to an AD account or AD group for these permissions? 


    Ambers


    • Edited by AmbersEd Friday, June 21, 2013 7:19 PM Typo
    Friday, June 21, 2013 7:18 PM

All replies

  • Hiya,

    I presume you mean internal AD users?

    However, it doesn't really matter much, UAG can handle multiple authentication sources on one trunk.

    Yes it is possible, the user profile service should be able to help you with that.


    Saturday, June 22, 2013 9:42 AM
  • I gave it a shot and received this error so i'm thinking ADFS 2.0 must be an exception for allowing multiple authentication servers:

    "Federated authentication requires the use of a single AD FS 2.0 server only.  Remove the additional authentication servers and then click OK."

    It wasn't OK, but I clicked it anyway.

    I'll look into the user profile service.

    Thank you.


    Ambers



    • Edited by AmbersEd Saturday, June 22, 2013 4:32 PM typo
    Saturday, June 22, 2013 4:31 PM
  • Hiya,

    We are currently running a setup with ADFS 2.0 and AD authentication on the same trunk, so I know it's possible.

    ADFS externally and AD locally. - Hence the question if you meant local AD and not external AD. If you case is 2x ADFS I don't know :)

    Saturday, June 22, 2013 5:13 PM