![]() ![]() If on-demand-user-provisioning is = 0, then it is OFF If on-demand-user-provisioning is = 1, then it is ON ![]() You should see a response similar to this: You may check (even though it should be on by default) to see if auto-user provisioning is on run this Web Services API command on the Adobe Connect Server itself and on the console port, 8510 as shown: This will not work in a browser that is not on the server itself and it will not work without localhost:8510. http-80-4 (INFO) Response status: okta-auth-error/user-not-found http-80-4 (ERROR) Okta autentication failed, http-80-4 (ERROR) Unable to initilize okta authentication handler null http-80-4 (INFO) New User should be created for SSO workflow http-80-4 (INFO) SAML authentication request recived for account Look for the following error entries in the debug.log file: Make sure the below attributes are added in OKTA: On User Attributes for just in time provisioning: User attributes like FirstName, LastName and Email are required in the SAML response for just in time provisioning. Note: Only the Connect Central page will be served by the other domain values and not Adobe Connect Event pages or the Adobe Connect Mobile application. Var registerTab = document.getElementById(“registeredTab”) insert the domain name in otherDomainName Arrays You would setup the normal IDP configuration but then you edit the redirectToIDPServer function in login.xsl file: \ appserv\apps\system\login.xsl See the bold text below add the additional domain names separated with commas in this example see the added: ‘ ’ and ‘ ’ domain value. To authenticate the other set of users, we can edit the redirectToIDPserver function in login.xsl to allow for the authentication of and domain users. ![]() This makes it possible to work with one IDP allowing multiple domain users being authenticated note that it must be the same IDP.įor example: If you have an ADFS IDP server and there are two types of domain users: and with the current default OOTB configuration, only one set of users can be authenticated, (the other one will be ignored). (editing the redirect login in login.xsl file) in \ appserv\apps\system\login.xsl. On support for multiple SSO domains with a Single IDP server: Currently we do not officially support multiple domain name with single IDP server on our hosted platform, but there is a way to manually edit a workaround into on-premise servers change the login.xsl file to decide which domain to redirect or not. Note that if you just hit this as an external URL or paste it into a browser that is not already logged into Adobe Connect Central with admin rights, it will fail to execute: youradobeconnectonpremisedomain/api/xml?action=acl-field-update
0 Comments
Leave a Reply. |