Setting up Salesforce Single Sign-On (SSO) in combination with Active Directory Federation Services (ADFS) 2.0 was a pleasantly smooth experience thanks to this excellent post: Single Sign-On with Force.com and Microsoft Active Directory Federation Services.
The surprise came when I attempted to repeat the process for our production environment, when adding the second “Relying Party Trust”. Addition of this trust is blocked because it uses the same certificate.
After a bit of Googling, I found a post on StackExchange outlining the solution: install Rollup 3 for ADFS 2.0.
NB: Even if the Rollup indicates it’s already installed, you still need to run “PostReleaseSchemaChanges.ps1” from the “%program files%\active directory federation services 2.0\sql” folder.
NB2: If you have any integrations set up, don’t forget to also add the new ‘My Domain’ to Setup | Security Controls | Remote Site Settings; otherwise the change may break some of them. For example, the Declarative Lookup Rollup Summary (DLRS) and G4S Exchange Rate updater break.