Configuring AD/AD FS authentication

For an Infor Ming.le and Infor OS environment, enable the http based Configuration Service endpoint. See the Infor Ming.le Installation Guide for instructions.

In the PLM Process Authentication wizard:

  1. Select the PLM Process Server and optionally the PLM Process web.
  2. Click System Information. Verify that the application pools for the website and service site are correct. If the report shows errors, then make the necessary corrections before proceeding. Then, click Next.
  3. Select AD/AD FS and click Next.
  4. Select Configure AD FS Using Infor Federation Services and click Next. This is the recommended choice.
    Note: If you do not have the Infor Federation Services application, and you are not integrating to Infor Ming.le, use the second choice.

    See Selecting the security token service directly.

  5. Specify the URL address where Infor Federation Services is installed. The format for the URL is shown here:

    http://server[.domain][:Port]/IFSServices/ConfigurationService.svc/ConfigurationService

    IFSServices/ConfigurationService.svc/ConfigurationService is the path to the IFS configuration service.

  6. Click Test to verify the connection is valid. Click Next to continue.
    The administrator can override the default values that are shown on the Custom Security Token Service Settings page.

    This table describes the fields on the Custom Security Token Service Settings page.

    Screen Element Description
    Display Name The default value is Infor Optiva.
    Description The default value is Infor Optiva PLM.
    Identifier The default value is the URL. Changing this value internally affects the AudienceUri, WS Federation Realm, and IFS/AD FS Identifier.

    If you modify the Endpoint, you should change the Identifier. The Identifier should be a subset of, or identical to, the Endpoint value.

    Endpoint The default value is the URL. The Endpoint is used as the URL in IFS and the Endpoint in AD FS. If you are using external URLs, due to the use of a load balancer, this value should be updated.
    Issuer Defaults to ConfigurationClient.GetTokenIssuerURL. This is the URL that is used by AD FS to redirect back to the client application. If you are using external URLs, due to the use of a load balancer, this value should be updated.
  7. Click Next. Review the information on the Summary page.
  8. Click Apply when you are satisfied that everything is setup correctly. Then, click Close.