5 ADFS Configuration MM 4.10.0
- Emilis Bliudzius (Unlicensed)
- Jens Fristed Navne (Unlicensed)
Owned by Emilis Bliudzius (Unlicensed)
To use ADFS with Media Manager, some configuration is required.
5.1 Prerequisites
In order to use ADFS with Media Manager, the DAM Center which Media Manager uses must have ADFS enabled.
5.2 Web.config
The supplied web.config contains some AD FS parts that need to be changed.
- <allow users="*" /> — should be removed
- <!-- AD FS deny users="?" /--> — needs to be changed to <deny users="?"/>
Original:
<authorization>
  <allow users="*" />
  <!-- ADFS deny users="?" /-->
</authorization>
ADFS Enabled:
<authorization>
  <deny users="?" />
</authorization>
- In the section trustedIssuers, change the thumbprints to the correct thumbprints from Token-decryption and Token-signing.
- Be aware that in some cases an invisible character might be copied along with the thumbprint if you copy it from PowerShell. That character needs to be removed.
- my-adfs.server.com should be replaced with the URL of the ADFS server to be used
<trustedIssuers>
  <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
  <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
</trustedIssuers>
- In the section audienceUris, make certain that all URLs from which a user needs to be redirected to the ADFS server are listed. Normally only the main URL for the site is needed here.
- Replace mm.company.org with the URL of the Media Manager
<audienceUris>
  <add value="https://mm.company.org" />
</audienceUris>
- In the section wsFederation, change realm to exactly the same value as the Relying party in the ADFS server.
<wsFederation passiveRedirectEnabled="true" issuer="https://my-adfs.server.com/adfs/ls/" realm="https://mm.company.org" requireHttps="true" />
- Replace dam.company.org with the URL to the DAM Center using ADFS
<cookieHandler requireSsl="true" domain="dam.company.org" path="/" />
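One way to check an edited web.config against the steps above, as an added example that is not part of the original page or the product. The function name, the sample configuration and its adfs.example.test host are constructed for illustration, and U+200E stands in for the invisible character that can be copied along with a thumbprint.

```python
import re
import unicodedata
import xml.etree.ElementTree as ET

# Placeholder values from the supplied web.config that must be replaced.
PLACEHOLDERS = ("my-adfs.server.com", "mm.company.org", "dam.company.org", "F" * 40)

# Constructed sample: sections placed directly under <configuration> for brevity;
# the first thumbprint carries an invisible U+200E, as can happen on copy/paste.
SAMPLE = """<configuration>
  <authorization> <allow users="*" /> <!-- ADFS deny users="?" /--> </authorization>
  <trustedIssuers>
    <add thumbprint="\u200e0123456789ABCDEF0123456789ABCDEF01234567" name="http://adfs.example.test/adfs/services/trust" />
    <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://adfs.example.test/adfs/services/trust" />
  </trustedIssuers>
  <cookieHandler requireSsl="true" domain="dam.company.org" path="/" />
</configuration>"""


def audit_webconfig(xml_text):
    """Return a list of findings for the AD FS parts of a web.config."""
    root = ET.fromstring(xml_text)  # commented-out elements are not parsed
    findings = []
    for auth in root.iter("authorization"):
        if any(a.get("users") == "*" for a in auth.iter("allow")):
            findings.append('authorization: <allow users="*" /> still present')
        if not any(d.get("users") == "?" for d in auth.iter("deny")):
            findings.append('authorization: <deny users="?" /> missing')
    for issuers in root.iter("trustedIssuers"):
        for add in issuers.iter("add"):
            tp = add.get("thumbprint", "")
            hidden = [c for c in tp if unicodedata.category(c) in ("Cf", "Cc")]
            if hidden:
                codes = ", ".join("U+%04X" % ord(c) for c in hidden)
                findings.append("trustedIssuers: hidden character %s in thumbprint" % codes)
            elif not re.fullmatch(r"[0-9A-Fa-f]{40}", tp):
                findings.append("trustedIssuers: thumbprint is not 40 hex digits")
    for el in root.iter():
        for name, value in el.attrib.items():
            for p in PLACEHOLDERS:
                if p in value:
                    findings.append("%s/@%s: placeholder %s not replaced" % (el.tag, name, p))
    return findings


if __name__ == "__main__":
    for finding in audit_webconfig(SAMPLE):
        print(finding)
```

An empty result means the authorization rule, the thumbprint format and the placeholder replacements all pass; it does not confirm that the thumbprints match the certificates on the ADFS server.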