Configuring SAML in OpManager
There are two ways to configure SAML in OpManager. You can either do it manually by providing the necessary credentials or you can upload the metadata file directly, if available.
Service provider details
If you opt to configure SAML manually, you will be provided with the following details: the Entity ID, Assertion Consumer URL, SSO Logout URL, and a link to download the SP certificate file. This information, available in the OpManager UI, can be used to add OpManager as a supported application in your IdP.
You can also download the SP metadata file directly from OpManager and import it on the IdP side. This metadata file will have all the above-mentioned details in XML format.
Identity provider details
Similar to the SP details configuration, you can either configure the IdP details manually or upload the metadata file fetched from the IdP side.
Uploading the IdP metadata file:
If you have a metadata file from your IdP, upload it directly in OpManager.
- Under Settings -> General Settings -> Authentication, navigate to the SAML Authentication tab.
- Under the 'Configure Identity Provider Details' section, choose Upload IdP metadata file and enter the IdP Name.
- Find the metadata file acquired from the IdP and click Upload.
Configuring IdP information manually:
You can also enter the IdP details manually in OpManager. For this, you will need the following details:
- IdP name
- IdP login URL
- IdP logout URL
- IdP certificate
Enter the above details in the 'Configure IdP information manually' section under Settings -> General Settings -> Authentication.
To see the steps to configure SAML between OpManager and that IdP, click the corresponding IdP name.
Note
- OpManager also offers an option called Single Logout. Similar to SSO, users will be able to log out of OpManager and the configured IdP at once from the OpManager UI by clicking the logout URL provided.
- As of now, Email address, transient and persistent name identifiers can be used for SAML configuration.
- To authenticate AD users of OpManager through SAML authentication, the name ID value from the IdP should be in the format - <domainname>\<username>.
- If more than one user have provided the same Email address while configuring the Email Address Name Identifier, they cannot login using SAML authentication.
- The Username/Email address configured in the IdP should match the same Username/Email address provided in OpManager for successful authentication.
New to ADSelfService Plus?
Related Articles
Configuring SAML authentication settings in OpManager for OneLogin
Listed below are the steps to configure SAML authentication in OpManager (SP) for OneLogin (IdP) with Single Sign-On. Open OneLogin and navigate to Applications tab. Use the search bar and select SAML Custom Connector (Advanced). Open Configuration ...Configuring SAML authentication settings in OpManager for JumpCloud
Listed below are the steps to configure SAML authentication in OpManager (SP) for JumpCloud (IdP) with Single Sign-On. Login to JumpCloud and click on SSO (under User Management) in the left side menu. Click on the 'Add' symbol, adjacent to the left ...Configuring SAML authentication settings in OpManager for Azure
Listed below are the steps to configure SAML authentication in OpManager (SP) for Azure (IdP) with Single Sign-On. Login to your Azure account. Expand the menu on the left hand side, and select Azure Active Directory. Click on Enterprise ...Configuring threshold values for disk partitions in OpManager
For the Servers, we discover Disk utilization using both WMI and SNMP. Also, we monitor the drive partitions that are available in those Servers. The customers found this very ...SAML Authentication in OpManager