Were you able to complete the o365 setup with cas?

On Wednesday, July 3, 2019 at 9:26:36 AM UTC-5, Robert Bond wrote:
>
> If you do not want to use Azure AD Connect you can create a process to
> sync via powershell. I have an example on my github:
> https://github.com/bondr007/office365UserSync it consumes a csv and does
> some queries to AD. It could be modified for openldap.
>
> The steps to actually enable SSO on office are hard to find. It has to be
> done via powershell. Here is what I used:
>
> http://malithiedirisinghe.blogspot.com/2015/12/office-365-saml-20-federation-with-wso2.html
>
> Here are the specific settings I used when configuring office 365
> federation with cas.
> ActiveLogOnUri :
> DefaultInteractiveAuthenticationMethod :
> FederationBrandName :
> IssuerUri : https://logon.example.com/cas/idp
> LogOffUri : https://logon.example/cas/logout?service=http%3A%2F%2Fportal.office.com%2F
> MetadataExchangeUri :
> NextSigningCertificate :
> OpenIdConnectDiscoveryEndpoint :
> PassiveLogOnUri : https://logon.example.com/cas/idp/profile/SAML2/POST/SSO
>
> Let me know if that helps.
>
>
> On Wed, Jul 3, 2019 at 5:19 AM Alfonso Veraluz <[email protected]>
> wrote:
>
>> Hello Robert
>>
>> Users from the openLdap and from the O365 are not synced at all at the
>> moment. It's supposed to achieve this with the Azure AD Connect but this
>> means a new server on Windows and seems the only option it may fit is with
>> the Passthrough option
>> (https://docs.microsoft.com/es-es/azure/active-directory/hybrid/how-to-connect-pta).
>> Not sure about it and I can test it but will require some time to build
>> and configure it. This can be achieved via powershell?
>>
>> As @casuser, the steps to be done in the O365 are not very clear in the
>> documentation
>>
>> Thanks
>>
>> On Tuesday, July 2, 2019, 23:41:11 (UTC+2), Robert Bond wrote:
>>>
>>>
>>> Were you able to complete the setup?
>>>
>>> Thanks!
>>> On Tuesday, July 2, 2019 at 9:38:53 AM UTC-5, Alfonso Veraluz wrote:
>>>>
>>>> Hello.
>>>>
>>>> I have a CAS 5.2.3 running fine with a Tomcat 8.0.32, Openjdk 1.8 and
>>>> connected to a OpenLdap so my users can login with the uid and the mail.
>>>> This CAS is actually providing SSO between Alfresco and Liferay.
>>>>
>>>> I want to add the SSO with Office365 but only for a particular public
>>>> domain and there are some questions:
>>>>
>>>> 1.- What FederationMetadata.xml is needed to provide in CAS, the one in
>>>> https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml
>>>> or the one with my EntityID provided from the Portal Azure Admin section?
>>>> 2.- How to map the mail in the OpenLdap to be the same at O365 account?
>>>> It's supposed the idp will map in the cas.samlSp.office365.attributes?
>>>>
>>>> adding this to my cas.properties should be enough?
>>>>
>>>> #/etc/cas/saml/frommsoft/federationmetadata.xml from https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml
>>>>
>>>> cas.samlSP.office365.metadata=/etc/cas/saml/frommsoft/federationmetadata.xml
>>>> cas.samlSp.office365.name=O365
>>>> cas.samlSp.office365.description=Office365 Integration
>>>> cas.samlSp.office365.nameIdAttribute=scopedImmutableID
>>>> cas.samlSp.office365.attributes=IDPEmail,ImmutableID
>>>>
>>>> Thanks your comments.
>>>>
>>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/49ba8f0f-fee3-4bcb-a154-d2345360178d%40apereo.org
>> .
>>
>
>
> --
> Robert Bond
> Network Administrator
> (918) 444-5886
> Northeastern State University
>
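Added example, not part of the thread and not the commands Robert Bond ran: one way to apply the federation settings listed above with the MSOnline PowerShell module, then read them back to confirm what the tenant actually stored. The domain name, brand name and certificate path are placeholders, and all three URLs are assumed to live on the logon.example.com host.

```powershell
# Added example: federate one Office 365 domain with a CAS SAML2 IdP.
# Placeholders (assumptions, not from the thread): $domain, $certPath, brand name.
Import-Module MSOnline
Connect-MsolService   # prompts for a tenant administrator credential

$domain   = 'example.com'                    # placeholder: the public domain to federate
$idpBase  = 'https://logon.example.com/cas'  # CAS base URL, host as used in the thread
$certPath = 'C:\temp\cas-idp-signing.crt'    # placeholder: PEM export of the CAS IdP signing cert

# The cmdlet takes the certificate as one base64 string: drop PEM armor and line breaks.
$cert = (Get-Content $certPath | Where-Object { $_ -notmatch '^-----' }) -join ''

$settings = @{
    DomainName                      = $domain
    Authentication                  = 'Federated'
    FederationBrandName             = 'Example CAS'   # placeholder
    IssuerUri                       = "$idpBase/idp"
    PassiveLogOnUri                 = "$idpBase/idp/profile/SAML2/POST/SSO"
    LogOffUri                       = "$idpBase/logout?service=http%3A%2F%2Fportal.office.com%2F"
    SigningCertificate              = $cert
    PreferredAuthenticationProtocol = 'SAMLP'
}

# Refuse to apply if any endpoint is not HTTPS on the expected IdP host:
# a wrong host here sends every sign-in for the domain somewhere else.
$expectedHost = ([Uri]$idpBase).Host
foreach ($key in 'IssuerUri', 'PassiveLogOnUri', 'LogOffUri') {
    $uri = [Uri]$settings[$key]
    if ($uri.Scheme -ne 'https' -or $uri.Host -ne $expectedHost) {
        throw "$key points at an unexpected endpoint: $uri"
    }
}

Set-MsolDomainAuthentication @settings

# Read the stored settings back and flag anything that differs from the intent.
$applied = Get-MsolDomainFederationSettings -DomainName $domain
foreach ($key in 'IssuerUri', 'PassiveLogOnUri', 'LogOffUri') {
    if ($applied.$key -ne $settings[$key]) {
        Write-Warning "$key differs: applied '$($applied.$key)'"
    }
}
$applied | Format-List IssuerUri, PassiveLogOnUri, LogOffUri, PreferredAuthenticationProtocol
```

The read-back uses the same cmdlet whose output format matches the settings listing quoted in the thread, so the two can be compared field by field.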
