Windows Server 2012 AD FS SSO from Salesforce
I'm trying to setup SSO in Salesforce by AD FS by followinghttps://help.salesforce.com/articleView?id=identity_provider_examples_3p_adfs.htm&type=5URL & MC Remedyforce and Single Sign-On. But when I tried to openhttps://ibl-unisys.ibl-unisys.local/adfs/ls/ This site can’t be reached error occurred. Maybe due to Identity provider issue. When I hit Set-AdfsProperties -EnableIdpInitiatedSignonPage $true in Powershell it give error. Below mentioned snapshot for your reference; Basically i want toconnectSalesforce with MS Server 2012 active directory. I perform all steps from BMC documents "BMC Remedyforce and Single Sign-On" Configuring Single Sign-On Using ADFS 2.0& Configure SSO to Salesforce Using Microsoft AD FS as the Identity Provider but failed to connect with it. Need suggestion. Following are setting & error as well: AcceptableIdentifiers : {} AddProxyAuthorizationRules : exists([Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", Value == "S-1-5-32-544", Issuer =~ "^AD AUTHORITY$"]) => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true"); c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid", Issuer =~ "^AD AUTHORITY$" ] => issue(store="_ProxyCredentialStore",types=("http ://schemas.microsoft.com/authorization/claims/permit"),query="isProxyTrust ManagerSid({0})", param=c.Value ); c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/proxytrustid", Issuer =~ "^SELF AUTHORITY$" ] => issue(store="_ProxyCredentialStore",types=("http ://schemas.microsoft.com/authorization/claims/permit"),query="isProxyTrust Provisioned({0})", param=c.Value ); ArtifactDbConnection : Data Source=np:\\.\pipe\microsoft##wid\tsql\query;Initial Catalog=AdfsArtifactStore;Integrated Security=True AuthenticationContextOrder : {urn:oasis:names:tc:SAML:2.0:ac:classes:Password, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient, urn:oasis:names:tc:SAML:2.0:ac:classes:X509...} AutoCertificateRollover : True CertificateCriticalThreshold : 2 CertificateDuration : 365 CertificateGenerationThreshold : 20 CertificatePromotionThreshold : 5 CertificateRolloverInterval : 720 CertificateSharingContainer : CN=9a261be4-fd91-4d09-8043-654210d3673f,CN=ADFS,CN=Microsoft,CN=Program Data,DC=ibl-unisys,DC=local CertificateThresholdMultiplier : 1440 ClientCertRevocationCheck : None ContactPerson : DisplayName : ADFS for Salesforce IntranetUseLocalClaimsProvider : False ExtendedProtectionTokenCheck : Allow FederationPassiveAddress : /adfs/ls/ HostName : Ibl-unisys.ibl-unisys.local HttpPort : 80 HttpsPort : 443 TlsClientPort : 49443 Identifier : http://ibl-unisys.ibl-unisys.local/adfs/services/trust InstalledLanguage : en-US LogLevel : {Errors, Information, Verbose, Warnings} MonitoringInterval : 1440 NetTcpPort : 1501 NtlmOnlySupportedClientAtProxy : False OrganizationInfo : PreventTokenReplays : False ProxyTrustTokenLifetime : 21600 ReplayCacheExpirationInterval : 60 SignedSamlRequestsRequired : False SamlMessageDeliveryWindow : 5 SignSamlAuthnRequests : False SsoLifetime : 480 PersistentSsoLifetimeMins : 10080 KmsiLifetimeMins : 1440 PersistentSsoEnabled : True PersistentSsoCutoffTime : 1/1/0001 12:00:00 AM KmsiEnabled : False LoopDetectionEnabled : True LoopDetectionTimeIntervalInSeconds : 20 LoopDetectionMaximumTokensIssuedInInterval : 5 PasswordValidationDelayInMinutes : 60 SendClientRequestIdAsQueryStringParameter : False WIASupportedUserAgents : {MSAuthHost/1.0/In-Domain, MSIE 6.0, MSIE 7.0, MSIE 8.0...} ExtranetLockoutThreshold : 2147483647 ExtranetLockoutEnabled : False ExtranetObservationWindow : 00:30:00 GlobalRelyingPartyClaimsIssuancePolicy : c:[Type == "http://schemas.microsoft.com/2012/01/devicecontext/claims/isre gistereduser"] => issue(claim = c);c:[Type == "http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier"] => issue(claim = c); PromptLoginFederation : FallbackToProtocolSpecificParameters PromptLoginFallbackAuthenticationType : urn:oasis:names:tc:SAML:1.0:am:password
