Configuration Tools

ADFS Toolkit

Together with our partners, we’ve developed a set of tools to augment existing ADFS Identity Provider installations. This set of tools is published by CANARIE as a Powershell module called ADFSToolkit, in the Powershell Gallery hosted by Microsoft. The toolkit allows an existing ADFS Identity Provider to have an additional option for participation in the FIM service.

ADFSToolkit enables:

  • Retrieval and signature verification of the CAF FIM service trust records
  • Ingestion of the entities into ADFS using the one-at-a-time trust relationship paradigm
  • Automatic setting of attribute release policies for entity categories
  • Site-specific additions of attribute releases on a per service basis
  • Ability to set a scheduled job to keep current with the CAF FIM service trust records on an hourly basis
  • Ability to better diagnose problems

Installation Guide: ADFSToolkit

If you have any questions regarding the ADFSToolkit and how it impacts your CAF and FIM services, please message us at [email protected].

Shibboleth v4 Upgrade Guidance

Regardless of the platform you use, keeping current on your Identity Provider (IdP) software is a vital factor in your organization’s security practices. This guidance highlights upcoming end-of-support in December 2020 for Shibboleth IdPs older than v4.0.1 and aims to assist navigating various upgrade pathways.

Using SAML Proxying in the Shibboleth IdP to Connect with Azure AD

You may find this solution here. It is a CANARIE contribution back to the international community.

The most current version of this technical guide is located on the Shibboleth Wiki located here. The French version will be updated regularly on our website.