0 votes

I'm trying to enable SSO using SAML with AzureAD as the IDP. I'm struggling to get it to work, we use a BIG-IP as our loadbalancer which handles the SSL offloading. Adaxes webinterface runs on port 80 behind the loadbalancer.

The reply url is the saml response provided by adaxes is using http instead of https which AzureAD does not like. AzureAD does not allow you to put http addresses for the reply url.

The Web Interface address configured in adaxes is something like: https://adaxes,company.com

Does anybody have experience with this setup using SSL offloading or am I forced to remove the SSL offloading and do it on the server itself?

by (680 points)

1 Answer

0 votes
by (3.4k points)

Unfortunately, we do not have any experience configuring Adaxes to work with Azure AD as an Identity Provider in conjunction with SSL offloading. As per our check, there is no possibility to configure the desired workflow. However we recommend considering a possibility to contact BIG-IP support to check for possible solutions.

Related questions

0 votes
1 answer

Is it possible after a user logs in to be Redirect to the Home Page (if enabled) ? If so where would that need to be changed? I've found multiple difference Web Config ... where or how it gets redirected to the My Properties page so it can be changed. Thanks

asked Jul 23, 2019 by Helios5287 (510 points)
0 votes
1 answer

We are evaluating the product and would like to let users of AD to change password in self service page. We would like to set a 90 days change password policy, ... self service page? Is it achievable (with customization and batch program)? Thanks in advance.

asked Apr 27 by eric (250 points)
0 votes
1 answer

Our Help Desk currently 'mirrors' the group membership of a new user based on another existing user in our AD. I'd like to be able to automate this so that the initiator ... and 'paste' it on the new user being created. Any help on this would be appreciated!

asked Apr 21 by RayBilyk (480 points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19 by bavery (250 points)
0 votes
0 answers

Before Deactivation of an Account on the Webinterface our Help Desk need to change the AD User Description manually. Is it possible to force a manual change before deactivation ?

asked Feb 7 by lv01 (250 points)
2,183 questions
1,948 answers
5,392 comments
5,258 users