MicroStrategy ONE
Importing Your MicroStrategy Identity Server Data into ADFS
To use Microsoft Active Directory Federation Services (ADFS) as a service provider for MicroStrategy Identity, you must add a claims provider trust in ADFS and import the MicroStrategy Identity Server metadata file.
The following steps contain only the information required to configure or use Microsoft ADFS with MicroStrategy Identity. See Microsoft's documentation for the latest information.
You must have a MicroStrategy Identity metadata file.
To Add a Claims Provider Trust in ADFS
- Download the metadata file from MicroStrategy Identity Manager.
- Copy the metadata file to a location on your ADFS server.
- To add a claims provider trust, import data about the claims provider from a file. To do this, upload the Identity metadata file.
- Assign a name to the claims provider.
- To add a pass through rule for User Principal Name (UPN) claims, create a rule that passes incoming claims.
- Assign a name to the rule. For example, enter
Pass Through UPN
. - Specify UPN as the incoming claim type.
- Make sure that all claim values are passed through.
- To add a pass through rule for email claims, create a rule that passes incoming claims.
- Assign a name to the rule. For example, enter
Pass Through email
. - Specify email addresses as the incoming claim type.
- Make sure that all claim values are passed through.
- To change the secure hash algorithm for the claims provider trust, in the claims provider trust properties, specify SHA-1 for the secure hash algorithm.
- To bypass certificate revocation checks, run Windows PowerShell® as an administrator, then enter the following commands in the PowerShell window:Copywhere:
Add-PSSnapin Microsoft.Adfs.PowerShell
Set-ADFSClaimsProviderTrust -TargetName "claims_provider_trust_name" -encryptioncertificaterevocationcheck None;
Set-ADFSClaimsProviderTrust -TargetName "claims_provider_trust_name" -SigningCertificateRevocationCheck None;claims_provider_trust_name
is the name of your claims provider trust. - To test the connection, open your Microsoft SharePoint website.
- From the Microsoft SharePoint site login page, select the name of the claims provider that you created.
- Scan the QR code with the MicroStrategy Badge app to log into Microsoft SharePoint.