Cloud Director SAML authentication with Azure AD

In this article, you will read how to activate MFA (Multi Factor Authentication) by configuring SAML authentication and linking it to Azure AD.

Written by
Iris Nicolaas
&
Posted on
01
-
12
-
2021
2024

To activate MFA in Cloud Director, you can use SAML. In order to do this, you need to complete the following steps.

Azure AD configuration
Create an Active Directory group and synchronise it with Azure Active Directory.



Setting up Azure AD - adding an enterprise application

Add an enterprise application. You can do this by navigating to ‘Azure Active Directory’ and selecting ‘Enterprise Applications’.


Click on ‘New Application’ and select ‘Non-gallery Application’.


Click ‘Add’ and give the application a name.

Configuring Single Sign On
To configure single sign-on, click on ‘SAML’. Next, fill in the requested information.



Cloud Director

Now that single sign-on has been set up in Azure, the configuration needs to be done in Cloud Director. In the links below, change ‘Customer-ICT’ to your Organisation name. Then download the metadata, using the link for the correct location.

https://en1.vcloud.fundaments.nl/cloud/org/Customer-ICT/saml/metadata/alias/vcd
https://pdc2.vcloud.fundaments.nl/cloud/org/Customer-ICT/saml/metadata/alias/vcd
https://ix7.vcloud.fundaments.nl/cloud/org/Customer-ICT/saml/metadata/alias/vcd
https://am2.vcloud.fundaments.nl/cloud/org/Customer-ICT/saml/metadata/alias/vcd

Save the file spring_saml_metadata.xml. Within the VDC, go to the Administration tab:


Then, under Identity Providers, choose the SAML option.


Under ‘Service Provider’, enter the ‘Entity ID’. Make sure it is the same as the value entered in Azure under ‘Identifier (Entity ID)’.


Azure configuration of SAML
Upload the spring_saml_metadata.xml file that you just downloaded and saved into Azure.


Download the Azure AD Federation metadata XML from the Azure location below.


Fill in or import the Federation Metadata XML that you just downloaded from the Azure Portal.
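
As an added example (not part of the original article, and not code from Cloud Director or Azure): a Python check that reads the downloaded service provider metadata and compares its entity ID and assertion consumer URL with the values entered in Azure. The sample metadata, the host vcd.example.test and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed sample of a service provider metadata file (not real Cloud Director output).
SAMPLE_SP_METADATA = b"""<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://vcd.example.test/cloud/org/Customer-ICT/saml/metadata/alias/vcd">
  <md:SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://vcd.example.test/cloud/org/Customer-ICT/saml/SSO/alias/vcd"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def read_sp_metadata(xml_bytes):
    """Return entity ID, ACS URLs and the WantAssertionsSigned flag from SP metadata."""
    # Metadata never needs a DTD; refusing one avoids entity-expansion tricks.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("metadata must not contain a DTD or entity declarations")
    root = ET.fromstring(xml_bytes)
    if root.tag != MD + "EntityDescriptor":
        raise ValueError("not a SAML EntityDescriptor")
    sp = root.find(MD + "SPSSODescriptor")
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not service provider metadata")
    acs = [e.get("Location") for e in sp.findall(MD + "AssertionConsumerService")]
    return {"entity_id": root.get("entityID"), "acs_urls": acs,
            "want_assertions_signed": sp.get("WantAssertionsSigned") == "true"}


def compare_with_azure(sp, azure_identifier, azure_reply_url):
    """List differences between the SP metadata and the values entered in Azure."""
    problems = []
    if sp["entity_id"] != azure_identifier:  # exact string comparison
        problems.append("Entity ID %r differs from Azure Identifier %r"
                        % (sp["entity_id"], azure_identifier))
    if azure_reply_url not in sp["acs_urls"]:
        problems.append("Azure Reply URL %r is not an ACS URL in the metadata"
                        % azure_reply_url)
    problems += ["ACS URL %r is not HTTPS" % u for u in sp["acs_urls"]
                 if not (u or "").startswith("https://")]
    return problems
```

To check a real download, pass the bytes of spring_saml_metadata.xml to read_sp_metadata and give compare_with_azure the ‘Identifier (Entity ID)’ and ‘Reply URL (Assertion Consumer Service URL)’ values shown in the Azure SAML configuration.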



Import Users or Groups - Azure AD

Add users from your Active Directory to Azure. You can also add groups here.


In Cloud Director, choose the group or users assigned under Users and Groups. After this, you can add permissions and roles to the group.


Now MFA has been enabled by configuring SAML authentication and connecting it to Azure AD!
