Configuring SAML authentication in AIQUM

Configuring SAML authentication in Active IQ Unified Manager
The below SAML configuration is done on Active IQ Unified Manager 9.8 and ADFS (IDP) server.
- Note: Make sure all the pre-requisites are done mention in "part 1"

Log on your Active IQ Unified Manager Web UI.
Go to General -> SAML Authentication
Enable SAML authentication
Put in the IDP URL and click on Fetch Idp Metadata
- We captured the IDP URL from last bullet point in the Prerequisites KB Prerequisites for enabling SAML authentication in AIQUM .
Confirm the "Host URL" pointing to the right UM server name
Click on Copy host Metadata and create a file called um_host_metadata.xml
Take this file um_host_metadata.xml to IDP (ADFS) server
- Note: Do not click "save" until you finish "step 8"
High-level IDP server configuration
- Note: NetApp support is not responsible configuring IDP server
- Import "um_host_metedata.xml" under "relying party trust"
- Permit all user to access the relying party, choose default settings
- Edit claim rules
  - Add rules
  - Choose "send LDAP Attributes as a claim".
    - Claim rules are mention above under "part 1 - pre-requisites"
  - Claim Rule Name "Rule 1"
  - Attribute Store: Active Directory
  - Ldap Attribute: SAM-Account-Name: Name ID
  - Finish

9. Go back to Active Unified Manager page and Click Save and then click Confirm and Logout

10. If everything works out OK then Active IQ Unified Manager will redirect to ADFS single sign on screen.

Note: As UM service restarted after successful SAML authentication setup, please be patient for services to restart successfully.

11. Log on as "sAMAccountName" (domain\username) with Remote user name and password.

Note: Remember the Remote user name or Remote group setup in Active IQ Unified Manager which was part of "remote authentication".