Import an existing IDP configuration
If you have an existing database-driven implementation of SSO and want to migrate to the improved user-interface based SSO solution, you can migrate the settings configuration from your IDP and import it into the
BlackBerry AtHoc
management system.Contact your account representative or
BlackBerry AtHoc
customer support to obtain a copy of the Utilities.zip
file needed to perform an SSO migration.
Only IDP configurations can be imported. The SP configuration must be entered manually in the
BlackBerry AtHoc
management system. See Configure service provider settings.- Open aWindowscommand prompt and navigate to the following folder:<installed-directory>\AtHocENS\ServerObjects\Tools\SSO\EasyConnect
- Run the following command to create and export a SAML metadata XML file:ExportMetadata.exe –partner <name> [-config <directoryName] [-baseurl <url>] [-file <filename>]where:
- partner <name>: The name of the partner IDP configured in theidp-partner.configfile or the partner SP configured in thesp-partner.configfile.
- If you specify a partner IDP, the corresponding local SP metadata is generated for the partner IDP.
- If you specify a partner SP, the corresponding local IDP metadata is generated for the partner SP.
- [-baseurl <url>]: Specify the directory that contains the EasyConnect configuration files. If you do not specify this directory, the export defaults to C:\EasyConnect\EasyConnectServer.
- [-file <filename>]: Optionally, specify the name of the generated SAML metadata file. By default, the export uses the file name metadata.xml.Examples:
- ExportMetadata.exe –partner ExampleIdentityProvider
- ExportMetadata.exe –partner ExampleIdentityProvider -config "specify SSO config directory"**
- ExportMetadata.exe –partner ExampleIdentityProvider -config "specify SSO config directory" -baseurl "HTTPS://www.showcase.com"*
- ExportMetadata.exe –partner ExampleIdentityProvider config "specify SSO config directory" -baseurl "HTTPS://www.showcase.com" -file "<File path>"**
- Log in to theBlackBerry AtHocmanagement system and use the SSO IDP import feature to import the IDP metadata. See Export SP and IDP settings and Import IDP settings.