MicroStrategy ONE

Importing Your MicroStrategy Identity Server Data into ADFS

To use Microsoft Active Directory Federation Services (ADFS) as a service provider for MicroStrategy Identity, you must add a claims provider trust in ADFS and import the MicroStrategy Identity Server metadata file.

The following steps contain only the information required to configure or use Microsoft ADFS with MicroStrategy Identity. See Microsoft's documentation for the latest information.

You must have a MicroStrategy Identity metadata file.

To Add a Claims Provider Trust in ADFS

  1. Download the metadata file from MicroStrategy Identity Manager.
  2. Copy the metadata file to a location on your ADFS server.
  3. To add a claims provider trust, import data about the claims provider from a file. To do this, upload the Identity metadata file.
  4. Assign a name to the claims provider.
  5. To add a pass through rule for User Principal Name (UPN) claims, create a rule that passes incoming claims.
  6. Assign a name to the rule. For example, enter Pass Through UPN.
  7. Specify UPN as the incoming claim type.
  8. Make sure that all claim values are passed through.
  9. To add a pass through rule for email claims, create a rule that passes incoming claims.
  10. Assign a name to the rule. For example, enter Pass Through email.
  11. Specify email addresses as the incoming claim type.
  12. Make sure that all claim values are passed through.
  13. To change the secure hash algorithm for the claims provider trust, in the claims provider trust properties, specify SHA-1 for the secure hash algorithm.
  14. To bypass certificate revocation checks, run Windows PowerShell® as an administrator, then enter the following commands in the PowerShell window:
    Copy
    Add-PSSnapin Microsoft.Adfs.PowerShell
    Set-ADFSClaimsProviderTrust -TargetName "claims_provider_trust_name" -encryptioncertificaterevocationcheck None;
    Set-ADFSClaimsProviderTrust -TargetName "claims_provider_trust_name" -SigningCertificateRevocationCheck None;
    where:
    claims_provider_trust_name is the name of your claims provider trust.
  15. To test the connection, open your Microsoft SharePoint website.
  16. From the Microsoft SharePoint site login page, select the name of the claims provider that you created.
  17. Scan the QR code with the MicroStrategy Badge app to log into Microsoft SharePoint.

Related TopicsSpecifying Active Directory Federation Services (ADFS) as Your Service Provider

Configuring ADFS on a Server

Configuring SharePoint to Work with ADFS

Configuring Exchange to Work with ADFS