Were you able to complete the o365 setup with cas?

On Wednesday, July 3, 2019 at 9:26:36 AM UTC-5, Robert Bond wrote:
>
> If you do not want to use Azure AD Connect you can create a process to 
> sync via PowerShell. I have an example on my GitHub: 
> https://github.com/bondr007/office365UserSync 
> It consumes a CSV and does some queries to AD. It could be modified for 
> OpenLDAP. 
>
> The steps to actually enable SSO on Office are hard to find. It has to be 
> done via PowerShell. Here is what I used:
>
> http://malithiedirisinghe.blogspot.com/2015/12/office-365-saml-20-federation-with-wso2.html
>
> Here are the specific settings I used when configuring office 365 
> federation with cas.
> ActiveLogOnUri                         :
> DefaultInteractiveAuthenticationMethod :
> FederationBrandName                    :
> IssuerUri                              : https://logon.example.com/cas/idp
> LogOffUri                              : https://logon.example/cas/logout?service=http%3A%2F%2Fportal.office.com%2F
> MetadataExchangeUri                    :
> NextSigningCertificate                 :
> OpenIdConnectDiscoveryEndpoint         :
> PassiveLogOnUri                        : https://logon.example.com/cas/idp/profile/SAML2/POST/SSO
>
> Let me know if that helps.
>
>
> On Wed, Jul 3, 2019 at 5:19 AM Alfonso Veraluz <[email protected]> 
> wrote:
>
>> Hello Robert
>>
>> Users from the OpenLDAP and from the O365 are not synced at all at the 
>> moment. It's supposed to achieve this with the Azure AD Connect but this 
>> means a new server on Windows, and it seems the only option that may fit is 
>> the Passthrough option 
>> (https://docs.microsoft.com/es-es/azure/active-directory/hybrid/how-to-connect-pta). 
>> Not sure about it, and I can test it, but it will require some time to build 
>> and configure it. Can this be achieved via PowerShell?
>>
>> As @casuser, the steps to be done in the O365 are not very clear in the 
>> documentation
>>
>> Thanks 
>>
>> On Tuesday, July 2, 2019, 23:41:11 (UTC+2), Robert Bond wrote:
>>>
>>>
>>> Were you able to complete the setup?
>>>
>>> Thanks!
>>> On Tuesday, July 2, 2019 at 9:38:53 AM UTC-5, Alfonso Veraluz wrote:
>>>>
>>>> Hello.
>>>>
>>>> I have a CAS 5.2.3 running fine with a Tomcat 8.0.32, OpenJDK 1.8 and 
>>>> connected to an OpenLDAP so my users can log in with the uid and the mail. 
>>>> This CAS is actually providing SSO between Alfresco and Liferay.
>>>>
>>>> I want to add the SSO with Office365 but only for a particular public 
>>>> domain and there are some questions:
>>>>
>>>> 1.- What FederationMetadata.xml is needed to provide in CAS, the one in 
>>>> https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml 
>>>> or the one with my EntityID provided from the Portal Azure Admin section?
>>>> 2.- How to map the mail in the OpenLDAP to be the same as in the O365 account? 
>>>> It's supposed the IdP will map in the cas.samlSp.office365.attributes?
>>>>
>>>> Adding this to my cas.properties should be enough?  
>>>>
>>>> #/etc/cas/saml/frommsoft/federationmetadata.xml from https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml
>>>> cas.samlSP.office365.metadata=/etc/cas/saml/frommsoft/federationmetadata.xml
>>>> cas.samlSp.office365.name=O365
>>>> cas.samlSp.office365.description=Office365 Integration
>>>> cas.samlSp.office365.nameIdAttribute=scopedImmutableID
>>>> cas.samlSp.office365.attributes=IDPEmail,ImmutableID
>>>>
>>>> Thanks for your comments.
>>>>
>>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to [email protected].
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/49ba8f0f-fee3-4bcb-a154-d2345360178d%40apereo.org
>>  
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/49ba8f0f-fee3-4bcb-a154-d2345360178d%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
>
> -- 
> Robert Bond
> Network Administrator
> (918) 444-5886
> Northeastern State University
>
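
An added example, not part of the original messages or of the CAS project: a PowerShell pre-check for federation values of the kind quoted above, run before they are applied with the MSOnline `Set-MsolDomainAuthentication` cmdlet. The helper name `Test-FederationSettings`, the sample hosts, the `example.com` domain and the `$cert` variable are assumptions made for illustration; the check requires HTTPS on each endpoint and that the logon and logoff endpoints share the issuer's host, which catches a mistyped hostname before it breaks sign-in or sign-out.

```powershell
# Added example: validate SAML federation endpoint values before applying them.
# Test-FederationSettings is a hypothetical helper, not a Microsoft or CAS cmdlet.
function Test-FederationSettings {
    param([Parameter(Mandatory)] [hashtable] $Settings)

    $problems = @()
    $issuer = $null
    if (-not [Uri]::TryCreate($Settings['IssuerUri'], [UriKind]::Absolute, [ref] $issuer)) {
        return @('IssuerUri is missing or not an absolute URI')
    }
    foreach ($name in 'IssuerUri', 'PassiveLogOnUri', 'LogOffUri') {
        $uri = $null
        if (-not [Uri]::TryCreate($Settings[$name], [UriKind]::Absolute, [ref] $uri)) {
            $problems += "$name is missing or not an absolute URI"
            continue
        }
        if ($uri.Scheme -ne 'https') {
            $problems += "$name does not use https"
        }
        if ($uri.Host -ne $issuer.Host) {
            $problems += "$name host '$($uri.Host)' differs from issuer host '$($issuer.Host)'"
        }
    }
    return $problems
}

# Constructed sample values; the LogOffUri host is deliberately mismatched.
$sample = @{
    IssuerUri       = 'https://logon.example.com/cas/idp'
    PassiveLogOnUri = 'https://logon.example.com/cas/idp/profile/SAML2/POST/SSO'
    LogOffUri       = 'https://logon.example.net/cas/logout'
}

# @() keeps the result an array even when zero or one problem is returned.
$found = @(Test-FederationSettings -Settings $sample)
if ($found.Count -gt 0) {
    $found | ForEach-Object { Write-Warning $_ }
} else {
    # Apply only after the check passes. Assumes Connect-MsolService has been run,
    # $cert holds the Base64 IdP signing certificate, and 'example.com' is the domain.
    Set-MsolDomainAuthentication -DomainName 'example.com' -Authentication Federated `
        -PreferredAuthenticationProtocol SAMLP -SigningCertificate $cert `
        -IssuerUri $sample.IssuerUri -PassiveLogOnUri $sample.PassiveLogOnUri `
        -LogOffUri $sample.LogOffUri
}
```

With the constructed sample the script prints one warning for `LogOffUri` and does not call `Set-MsolDomainAuthentication`.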
