Learnifier support Single Sign On (SSO) using SAML. Microsoft Active Directory supports SAML via their Active Directory Federation Services (AD FS) server.
We recommend that you use at least AD FS 3.0 (included in Windows 2012R2) or later.
Step 1 - Contact Learnifier
Contact email@example.com and let us know you want to set up SSO with Active Directory. We will then give you a customer-specific metadata url for you to use.
Step 2 - Adding Learnifier as a Relying Party Trust in ADFS
Start the AD FS Management tool under Administrative Tools
Select the Trust Relationships folder and right click and select Add Relying Party Trusts
1. On the Welcome to the Add Relying Party Trust Wizard click Start
Make sure that the Import data about the relying party published online or on a local network button is selected.
Enter your customer-specific metadata url you received from Learnifier.
Exampel in this picture where you should enter "https://service.learnifier.com/auth_saml/saml/metadata" in the field.
2. Edit the display name and note if you like. When finished click Next
3. On this screen select to not use MFA.
4. On this screen permit all users to access Learnifier
5. On this screen simply click Next
6. Make sure that the checkbox is marked and click close.
7. Click on Add Rule...
8. Select to Send LDAP Attributes as Claims
9. Enter Learnifier Claims as the Claim rule name. Make sure that the Attribute Store is Active Directory and add the values according to the screen shot.
Step 3 - Contact Learnifier
Contact your representative and provide him with the url of the SAML metadata for your Active Directory Federation Services. If the login web server / AD FS is reachable under https://login.example.com the metadata is usually available at https://login.example.com/FederationMetadata/2007-06/FederationMetadata.xml. The link must be a https link and the server must be reachable from the public internet.
You should receive a response shortly after that the connection is established.
Make sure that the Secure hash algorithm is set to SHA-256 (available under Advanced tab) in the created Relying Party Trust.