Symantec Access Management

 View Only
  • 1.  Azure and CA SSO

    Posted Jul 13, 2018 11:53 AM

    We are trying to configure a federation between Azure and CA SSO according to the runbook:

    https://support.ca.com/phpdocs/1/8231/runbooks/CASM-MicrosoftAzureFederationRunbook-ver1.2.pdf

     

    CA SSO will be the IdP and Azure will be the SP

     

    Seems like the runbook is outdated because the link to the Azure Platform is no longer https://manage.windowsazure.com ,the Active Directory Access Control feature is no longer avaliable and according to this:

    Migrar desde Azure Access Control Service | Microsoft Docs 

    Microsoft is requesting all users to migrate their authentication mechanisms before November 7, 2018.

     

    Is there any updated runbook or any "how to" document to configure the partnership between Azure's portal and CA SSO?

     

    Thanks in advace.



  • 2.  Re: Azure and CA SSO

    Posted Jul 13, 2018 12:03 PM

    hapagola

     

    May we know what is acting as IdP and what is action as SP ?

     

    If it is the Azure side of configurations that you are interested in, that'd be not available here. What we have in the runbook is a simple OOB Integration. A lot can change thereafter. What is present in the runbook as far as CA SSO is concerned should hold true OR at worse give you a perspective of what needs to configured on CA SSO end. 

     

    We can certainly guide you from CA SSO perspective, depending on what role CA SSO assumes (i.e. IdP or SP).



  • 3.  Re: Azure and CA SSO

    Posted Jul 13, 2018 12:07 PM

    Thanks for your comment Hubert, i edited the question so others can understand it better.

     

    CA SSO will be the IdP and Azure will be the SP.

     

    Regards,



  • 4.  Re: Azure and CA SSO

    Posted Jul 13, 2018 12:14 PM

    hapagola

     

    Could you break it down further as to what are you looking for CA SSO IdP side Configurations for Federation OR Azure SP side Configurations for federation ?

     

    Chapter-2 on the runbook, lists out all the steps needs from CA SSO IdP perspective for federation. What could change is facts like using SAML2.0 instead of SAML1.1. However Chapter-2 should give us the essentials needed to get started from CA SSO configuration.

     

    We may have to play with this on Azure SP end.

    Referencia del protocolo SAML de Azure AD | Microsoft Docs  



  • 5.  Re: Azure and CA SSO

    Posted Jul 13, 2018 02:13 PM

    From the CA SSO side as IdP there is no trouble, the runbook is pretty clear.

     

    The problem that we encounter is when we get to the Chapter-3, when you have to enable the federation at Microsoft Azure, as i mentioned before, the features that must be configured are going to be deprecated.

     

    So, how do we configure Azure as the SP?

     

    Thank you for the help Hubert.