Windows Azure Tenant portal access based on ADFS Claims

26 Feb

To share your VMs in the WAP portal with multiple colleagues, you could share your tenant user ID and password, but there is a better way: use ADFS to send group membership as claims.

Use the following articles to configure your portals to use ADFS:
Federated Identities to Windows Azure Pack through AD FS – Part 1 of 3
Federated Identities to Windows Azure Pack through AD FS – Part 2 of 3
Federated Identities to Windows Azure Pack through AD FS – Part 3 of 3

In part 3 they configure the Groups claim. The Groups claim is sent to the WAP portal in the following format “<DOMAIN>\GROUP”. This claim can be used to set the Co-Administrator of a tenant.

Configure Co-Administrators

Log on to the WAP Admin portal and click on your tenant (under user accounts).

Click the subscription you want to change.

Click the Administrators tab, and click Add.

Type the group name of the Co-Administrators. This string is case sensitive!
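
The case-sensitivity pitfall above, as an added PowerShell example (not from the original post or from WAP itself): it compares a co-administrator entry to a list of Groups claim values and reports whether it matches exactly, differs only in case or whitespace, or lacks the DOMAIN\ prefix. The function name, the CONTOSO domain and the group names are constructed, and the exact case-sensitive comparison is an assumption based on the post's remark.

```powershell
# Added example: diagnose why a co-administrator entry does not match a Groups claim.
# Assumption: the portal compares the entry to each claim value with an exact,
# case-sensitive match, as the post's "case sensitive" remark implies.
function Test-CoAdminEntry {
    param(
        [Parameter(Mandatory)] [string]   $Entry,        # string typed in the Administrators tab
        [Parameter(Mandatory)] [string[]] $GroupClaims   # Groups claim values from the token
    )

    # 1. Exact, case-sensitive match: the entry works as typed.
    foreach ($claim in $GroupClaims) {
        if ($claim -ceq $Entry) {
            return [pscustomobject]@{ Status = 'Match'; Fix = $null }
        }
    }

    $trimmed = $Entry.Trim()

    # 2. Same characters, but different case or stray whitespace.
    foreach ($claim in $GroupClaims) {
        if ($claim -ieq $trimmed) {
            return [pscustomobject]@{ Status = 'CaseOrWhitespaceMismatch'; Fix = $claim }
        }
    }

    # 3. Bare group name typed without the DOMAIN\ prefix.
    foreach ($claim in $GroupClaims) {
        $name = ($claim -split '\\', 2)[-1]
        if ($name -ieq $trimmed) {
            return [pscustomobject]@{ Status = 'MissingDomainPrefix'; Fix = $claim }
        }
    }

    [pscustomobject]@{ Status = 'NoMatch'; Fix = $null }
}

# Constructed sample claims (CONTOSO and the group names are placeholders).
$claims = 'CONTOSO\Domain Users', 'CONTOSO\WAP-Tenant-Admins'

'CONTOSO\WAP-Tenant-Admins', 'contoso\wap-tenant-admins', 'WAP-Tenant-Admins', 'CONTOSO\Other' |
    ForEach-Object {
        $r = Test-CoAdminEntry -Entry $_ -GroupClaims $claims
        [pscustomobject]@{ Entry = $_; Status = $r.Status; UseInstead = $r.Fix }
    } | Format-Table -AutoSize
```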

Test your configuration

Log on to your Tenant portal.

Click on virtual machines, and if all configuration is done right, you will see all VMs that belong to your tenant account.

Tuur
