To use ADFS with Media Manager, some configuration is required.

5.1 Prerequisites

In order to use ADFS with Media Manager, the DAM Center, which your Media Manager uses, must have ADFS enabled.

I implore you to use an editor like Notepad++ or Sublime for editing the web.config file. The following images are from Notepad++.

As the file has the extension ".config" and not ".xml", you'll need to manually change the language to XML.

5.2 Web.config

In the supplied web.config there are some AD FS parts that need to be changed.

To enable ADFS for MM, you need to make some changes to the Media Manager's web.config file, found in the root of the site folder.

The first thing you need to do is make the ADFS login screen appear. This is done as follows:

Around line 79, there is a tag saying <allow users="*" />. The value of this tag has to be changed to "?" instead.

That is, <allow users="*" /> should be changed to <deny users="?" />


This is how it looks before and after ADFS is enabled.

Original:

    <authorization>
      <allow users="*" />
      <!-- ADFS deny users="?" /-->
    </authorization>

ADFS Enabled:

    <authorization>
      <deny users="?" />
    </authorization>

  • In the section trustedIssuers, change the thumbprint values to the correct thumbprints from the Token-decryption and Token-signing certificates.
  • Be aware that in some cases an invisible character might be copied along with the thumbprint if you copy it from PowerShell. It needs to be removed.
  • my-adfs.server.com should be replaced with the URL of the ADFS server to be used.

    <trustedIssuers>
      <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
      <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
    </trustedIssuers>

  • In the section audienceUris, make certain that every URL from which a user needs to be redirected to the ADFS server is listed. Normally only the main URL for the site is needed here.
  • Replace mm.company.org with the URL of the Media Manager.

    <audienceUris>
      <add value="https://mm.company.org" />
    </audienceUris>

In the section wsFederation change realm to the precise

Image Added


All of the following configuration takes place at the bottom of the web.config file, around line 255, so scroll to the bottom.

When you get to it, the entire ADFS segment is most likely commented out. You'll have to uncomment it (in Notepad++ the section will appear green - you have to make it "not-green") by removing the <!-- and -->.


From the top the first thing to edit is the audienceUris.

These need to be the links to your site and its connected DAM Center, e.g.:

Image Added

In the above image, the first entry is the DAM Center, and the second is the Media Manager.

You should of course input your own links, with http(s) in front of the link (like in the image).


The next thing you have to do is define your thumbprints.

You can find the thumbprints in your certificates. You should have encountered them when enabling the DAM Center to use ADFS as well. They should be in the DAM Center's web.config file. (If you have not enabled ADFS for your DAM Center, then you need to stop using this guide and start configuring your DAM Center to use ADFS.) The thumbprints are from the token-decryption and token-signing certificates.

In the parameters named thumbprint, you will have to enter the aforementioned thumbprints.

In the parameters named name, you'll have to input your domain, e.g. https://yoursite.com/adfs/services/trust

Image Added

Above you can see more or less how the thumbprints will look in your environment.


In the section cookieHandler change domain to be your site's URL (no http(s) or slashes in the domain):

Image Added

In the section wsFederation change:

  • Issuer to be https://yoursite.com/adfs/ls
  • Realm to be precisely the same as Relying party in the ADFS server.

    <wsFederation passiveRedirectEnabled="true" issuer="https://my-adfs.server.com/adfs/ls/" realm="https://mm.company.org" requireHttps="true" />

  • Replace dam.company.org with the URL to the DAM Center using ADFS

    <cookieHandler requireSsl="true" domain="dam.company.org" path="/" />
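
A check to run after making the edits above, as an added PowerShell example that is not part of the original guide or the product: it reports thumbprints that are not exactly 40 hex characters (naming any hidden character by code point), an authorization section whose first rule is not deny users="?", audienceUris entries without http(s), and a cookieHandler domain containing a scheme or slash. The function name Test-AdfsWebConfig and the sample XML are constructed for illustration; for a real file, pass [xml](Get-Content -Raw <path to web.config>) instead of $sample.

```powershell
# Constructed sample (not a real Media Manager web.config). The second thumbprint
# starts with a hidden U+200E mark, and authorization is still the original rule.
$sample = @"
<configuration>
  <authorization><allow users="*" /></authorization>
  <trustedIssuers>
    <add thumbprint="FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
    <add thumbprint="$([char]0x200E)FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" name="http://my-adfs.server.com/adfs/services/trust" />
  </trustedIssuers>
  <audienceUris><add value="https://mm.company.org" /></audienceUris>
  <cookieHandler requireSsl="true" domain="dam.company.org" path="/" />
</configuration>
"@

function Test-AdfsWebConfig {   # hypothetical helper name, not a product cmdlet
    param([xml]$Config)
    $findings = @()
    # Thumbprints must be exactly 40 hex characters; list anything else by code point.
    foreach ($issuer in $Config.SelectNodes('//trustedIssuers/add')) {
        $tp = $issuer.GetAttribute('thumbprint')
        if ($tp -notmatch '^[0-9A-Fa-f]{40}$') {
            $bad = ($tp.ToCharArray() | Where-Object { $_ -notmatch '[0-9A-Fa-f]' } |
                    ForEach-Object { 'U+{0:X4}' -f [int]$_ }) -join ', '
            $findings += "thumbprint: length $($tp.Length), non-hex characters: $bad"
        }
    }
    # The first rule in the (first) authorization section must deny anonymous users.
    $first = $Config.SelectSingleNode('//authorization/*[1]')
    if (-not $first -or $first.LocalName -ne 'deny' -or $first.GetAttribute('users') -ne '?') {
        $findings += 'authorization: first rule is not <deny users="?" />'
    }
    # audienceUris entries are full links, with http(s) in front.
    foreach ($uri in $Config.SelectNodes('//audienceUris/add')) {
        $value = $uri.GetAttribute('value')
        if ($value -notmatch '^https?://') { $findings += "audienceUris: '$value' lacks http(s)://" }
    }
    # The cookieHandler domain is a bare host name: no scheme, no slashes.
    $ck = $Config.SelectSingleNode('//cookieHandler')
    if ($ck -and $ck.GetAttribute('domain') -match '^https?:|/') {
        $findings += 'cookieHandler: domain must not contain http(s) or slashes'
    }
    $findings
}

Test-AdfsWebConfig -Config $sample
```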
