Using the Active Directory Federation Services (AD FS) Credentials Provider

You can configure the connector to authenticate the connection using credentials obtained from the AD FS credentials provider. To do this, you must specify information about the AD FS service, such as the host and port of the server where the service is hosted.

To configure authentication using AD FS:

  1. To access authentication options, open the ODBC Data Source Administrator where you created the DSN, then select the DSN, then click Configure, and then click Authentication Options.
  2. From the Authentication Type drop-down list, select ADFS.
  3. Optionally, to specify your credentials for accessing the AD FS server, do the following. If you do not specify any credentials, the connector attempts to authenticate to the AD FS server by using your Windows account credentials over the NTLM protocol.
    1. In the User field, type the user name that you use to access the AD FS server. You can include the domain name using the format [DomainName]\[UserName].
    2. In the Password field, type the password corresponding to the user name that you provided in the previous step.
    3. To encrypt your credentials, click Password Options and then select one of the following:
      • If the credentials are used only by the current Windows user, select Current User Only.
      • Or, if the credentials are used by all users on the current Windows machine, select All Users Of This Machine.
  4. To specify AD FS service information, do the following:
    1. In the IdP Host field, type the host name of the AD FS service.
      2. Important:

      Important:

      The host name cannot include any slashes (/).

    2. Optionally, in the IdP Port field, type the number of the port that the AD FS service host uses to listen for requests.

      3. Note:

      The exact port number that you need to specify may differ depending on the AD FS server configuration. If you are not sure which port to specify, contact your system administrator.

  5. Optionally, in the Preferred Role field, type the Amazon Resource Name (ARN) of the role that you want to assume when authenticated through AD FS.
  6. Optionally, in the Session Duration field, type the duration, in seconds, of the role session.
  7. If the AD FS service must be accessed through an HTTP proxy, select the Use HTTP Proxy For IdP Host check box. For information about configuring the proxy connection, see Configuring Proxy Connections .
  8. Optionally, if you do not want the connector to verify the AD FS server certificate, select the SSL Insecure check box.
  9. To save your settings and close the Authentication Options dialog box, click OK.

Related topics