Dear Group,
I'm trying to enable SSO for Expressway MRA setup based on this documentation: https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_gu ide/X8-9/Mobile-Remote-Access-via-Expressway-Deployment-Guide-X8-9.pdf For IdP we're using AD FS 3.0 and what I'm really interested is in part on page 43 (Active Directory Federation Services 2.0) - unfortunately no success so far. So here questions: 1) Does anyone have working solution with AD FS ? 2) Does it require same Custom Rules as for CUCM ? c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccount <http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccount%0bna me> name"]=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name <http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name%0bidentifier> identifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/ <http://schemas.xmlsoap.org/ws/2005/05/identity/%0bclaimproperties/format> claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/n ame <http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/name%0bquali fier> qualifier"] = "http:// <http://%3cFQDN%20of%20ADFS%3e/com/adfs/services/trust> <FQDN of ADFS>/com/adfs/services/trust", Properties ["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequali fier"] = "<FQDN of CUCM>"); Screenshots from working setup (AD FS rules) would be nice (can be private if can't be send to group) Hope someone have it working J Many thanks, Lukasz
_______________________________________________ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip