Skip to main content
NetApp Knowledge Base

Configuring SAML authentication in AIQUM

Last Updated:

Applies to

  • Active IQ Unified Manager (AIQUM)
  • Security Assertion Markup Language (SAML)


  • Configuring SAML authentication in Active IQ Unified Manager
  • The below SAML configuration is done on Active IQ Unified Manager 9.8 and ADFS (IDP) server.
    • Note: Make sure all the pre-requisites are done mention in "part 1"
  1. Log on your Active IQ Unified Manager Web UI.
  2. Go to General -> SAML Authentication
  3. Enable SAML authentication
  4. Put in the IDP URL and click on Fetch Idp Metadata
  5. Confirm the "Host URL" pointing to the right UM server name
  6. Click on Copy host Metadata and create a file called um_host_metadata.xml
  7. Take this file um_host_metadata.xml to IDP (ADFS) server
    • Note: Do not click "save" until you finish "step 8"
  8. High-level IDP server configuration 
    • Note: NetApp support is not responsible configuring IDP server
    • Import "um_host_metedata.xml" under "relying party trust"
    • Permit all user to access the relying party, choose default settings
    • Edit claim rules
      • Add rules
      • Choose "send LDAP Attributes as a claim".
        • Claim rules are mention above under "part 1 - pre-requisites"
      • Claim Rule Name "Rule 1"
      • Attribute Store: Active Directory
      • Ldap Attribute: SAM-Account-Name: Name ID
      • Finish
  • Repeat the steps again to add the next two rules  as showing in the screenshot

9. Go back to Active Unified Manager page and Click Save and then click Confirm and Logout

Configuring SAML authentication in AIQUM

10.  If everything works out OK then Active IQ Unified Manager will redirect to ADFS single sign on screen.

Note: As UM service restarted after successful SAML authentication setup, please be patient for services to restart successfully.

11. Log on as "sAMAccountName" (domain\username) with Remote user name and password.

Note: Remember the Remote user name or Remote group setup in Active IQ Unified Manager which was part of "remote authentication".


NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.