Configure a third-party IDP (via SAML) as primary authenticator for Windows login on Windows Active Directory

Kushan Fernando 6 Reputation points
2022-09-20T12:22:34.007+00:00

I have an on-prem Active Directory environment with AD users (not connected to Azure AD). Now I need to configure a third-party Identity Provider (the IdP is managed by me in another environment) via SAML (the IdP supports SAML and OIDC) for primary authentication. When the users on client machines type their email addresses, I want the IdP authentication window to pop up and authenticate the user via the IdP without having to enter the password on the Windows client machine.

When I read online, it looks like I have to do something with ICredentialProvider, but it is not quite clear to me whether it is a must or if I can do everything via the server manager configuration.

A similar integration has been achieved by Okta, but I need my own solution, rather than integrating via Okta or any other service.

Could someone direct me to some docs/resources/tutorials or sample implementations?


1 answer

  1. JimmySalian-2011 42,611 Reputation points
    2022-09-20T12:33:25.28+00:00

    Hi,

    SAML 2.0 identity providers are third-party products, and therefore Microsoft does not provide support for the deployment, configuration, or troubleshooting best practices regarding them.
    Also, there is detailed guidance documentation with information, so please review it; I hope it helps.

    details.aspx
    how-to-connect-fed-saml-idp

    ----
    Please don't forget to upvote and Accept as answer if the reply is helpful

    If this answer helped you please mark it as "Verified" so other users can reference it.
