Enterprise Vault.cloud™ Archive Administration Help
- Getting started with Archive Administration
- Archive Overview
- My Config
- About Provisioning
- About Managed Tags
- About Account Management
- Archive Collectors
- Role Management
- Policy Management
- Import Data
- Authentication Management
- AD FS Configuration Guide
- Retention Management
- Continuity Management
- Reporting and Notifications
- Personal.cloud Deployment for IBM Notes
- Archive Administration Updates in Previous Releases
- Archive Administration Known Issues
Adding a relying party trust for Enterprise Vault.cloud
The first step to configure your AD FS environment is to add a relying party trust for Enterprise Vault.cloud.
We recommend that you do not change the Index Value of the Endpoint from its default value. Changing the Index Value of the Endpoint can prevent the Enterprise Vault.cloud authentication service from working properly with your AD FS environment.
To add a relying party trust for Enterprise Vault.cloud
- Access the AD FS Management console.
- In the left pane of the AD FS Management console, expand Trust Relationships, right-click Relying Party Trusts, and then click Add Relying Party Trust.
- In the Welcome panel of the Add Relying Party Trust Wizard, click Start.
- In the Select Data Source panel, select Enter data about the relying party manually, and then click Next.
- In the Specify Display Name panel, enter Cloud Archive in the Display Name field, and then click Next.
- In the Choose Profile panel, select a profile, and then click Next.
- In the Configure Certificate panel, click Next to skip this optional step.
We recommend that you do not configure a certificate. Configuring a certificate prevents the Enterprise Vault.cloud authentication service from working properly with your AD FS environment.
- In the Configure URL panel, select Enable support for the SAML 2.0 WebSSO protocol.
- In the Configure URL panel, enter the Entity ID from the Your Trust Information section on the Authentication Management page of Archive Administration in the Relying party SAML 2.0 SSO service URL field, and then click Next.
The Entity ID varies based on the location of your organization. If you cannot find the Entity ID for your organization, contact Veritas Services & Support.
- In the Configure Identifiers panel, enter the Entity ID again in the Relying party trust identifier field, click Add to add the identifier, and then click Next.
- For AD FS 3.0 only, in the Configure Multi-factor Authentication Now? panel, select I do not want to configure multi-factor authentication settings for this relying party trust at this time, and then click Next.
- In the Choose Issuance Authorization Rules panel, select Permit all users to access this relying party, and then click Next.
- In the Ready to Add Trust panel, review the configured settings, and then click Next.
- In the Finish panel, select Open the Edit Claim Rules dialog for this relying party trust when the wizard closes, and then click Close.
- In the Edit Claim Rules for Cloud Archive window, click Add Rule.
- In the Select Rule Template panel of the Add Transform Claim Rule Wizard, select Send LDAP Attributes as Claims in the Claim rule template field, and then click Next.
- In the Configure Rule panel, enter Send Claims to Cloud Archive in the Claim rule name section.
- In the Configure Rule panel, select Active Directory in the Attribute store section.
- In the Configure Rule panel, select the following sets of LDAP attributes and outgoing claim types in the Mapping of LDAP attributes to outgoing claim types section.
Outgoing claim type
- In the Configure Rule panel, click Finish to close the Add Transform Claim Rule Wizard.
- In the Edit Claim Rules for Cloud Archive window, click OK to close the window.
- In the AD FS Management Console, select Cloud Archive in the Relying Party Trusts pane.
- In the Cloud Archive section of the Actions pane, click Properties.
- In the Cloud Archive Properties window, select the Advanced tab.
- In the Secure hash algorithm field, select one of the following algorithms:
We recommend that you select the SHA-1 algorithm.
- Click OK to close the Cloud Archive Properties window.