Steps to configure SAML SSO for ManageEngine ADAudit Plus
About ADAudit Plus
ADAudit Plus provides comprehensive monitoring and reporting on Active Directory activities, offering insights into user actions, change management, and compliance requirements. Its customizable reports and alerts help admins track and respond to changes effectively, ensuring security and regulatory compliance.
The following steps will help you enable single sign-on (SSO) for ADAudit Plus from Identity360.
Prerequisites
- The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
- Log in to Identity360 as an Admin or Super Admin.
- Navigate to Applications > Application Integration > Create New Application, and select ADAudit Plus from the applications displayed.
Note: You can also find ADAudit Plus from the search bar located at the top.
- Under the General Settings tab, enter the Application Name and Description.
- Under Choose Capabilities tab, choose SSO and click Continue.
General settings of SSO configuration for ADAudit Plus
- Under Integration Settings, navigate to the Single Sign On tab, click on Metadata Details. You can configure ADAudit Plus by either uploading the metadata file or entering the details manually.
- For uploading metadata file: Download the metadata file to be uploaded during the configuration of ADAudit Plus in Identity360 by clicking Download from the Metadata field.
- For manual configuration: Copy the Entity ID, Login URL, Logout URL, and Signing certificate (X.509 certificate), which will be used during the configuration of ADAudit Plus.
Integration Settings of SSO configuration for ADAudit Plus
ADAudit Plus (service provider) configuration steps
- Log in to ADAudit Plus with admin credentials.
- Navigate to Admin > Administration > Logon Settings > Single Sign-On.
- Select the Enable Single Sign-on with Active Directory check box.
Configuration of SAML SSO from ADAudit Plus
- Choose the SAML Authentication radio button.
- In the Configure Identity Provider section, enter the details given below.
- In the Identity Provider (IdP) field, choose the Custom Provider option.
- Enter the IdP Provider Name and upload the IdP Provider Logo.
- For SAML Configuration Mode, you can either choose the Upload Metadata File option or the Manual Configuration option.
- Copy the values of the ACS/Recipient URL and the Issuer URL/Entity ID from the Service Provider Details section; these will be used later.
Configuration details from ADAudit Plus
- Click Save.
Identity360 (identity provider) configuration steps
- Switch to Identity360's application configuration page.
- In the ACS URL field, enter the ACS/Recipient URL copied in step 6 of ADAudit Plus configuration.
- In the Entity ID field, enter the Issuer URL/Entity ID value copied in step 6 of ADAudit Plus configuration.
- Click Save.
Integration Settings of SSO configuration for ADAudit Plus
- To learn how to assign users or groups to one or more applications, refer to this page.
Your users should now be able to sign in to ADAudit Plus through the Identity360 portal.
Note: For ADAudit Plus, both SP-initiated and IdP-initiated flows are supported.: For ADAudit Plus, both SP-initiated and IdP-initiated flows are supported.
Steps to enable MFA for ADAudit Plus
Setting up MFA for ADAudit Plus using Identity360 involves the following steps:
- Set up one or more authenticators for identity verification when users attempt to log in to ADAudit Plus. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
- Integrate ADAudit Plus with Identity360 by configuring SSO using the steps listed here.
- Now, activate MFA for ADAudit Plus by following the steps mentioned here.
How does MFA for applications work in Identity360?
Metadata configuration from ADAudit Plus
Manual configuration from ADAudit Plus