I’m currently trying to configure SAML with SuiteCRM 7.9.9 (on a Debian 9 server) and a ADFS 4.0 server (Windows Server 2016) to enable single sign on. To do so, I followed the ADFS guides published by SugarCRM. However, It would appear that there is one or more errors in the procedure because I get the following AD FS error each time I try to authenticate a user.
•Activity ID: 00000000-0000-0000-9509-0080000000bf
•Error time: Fri, 09 Feb 2018 17:58:27 GMT
•User agent string: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
To get SSO functional, I had to change some parameters, like the SAML Assertion URL and Identifiers URLs and in addition I had to create the user profiles into the SuiteCRM database. I think, this configuration is not correct because there is no benefit to use SSO in this case.
I would really appreciate your help on this topic.
Thank you in advance