Resource Required
A dedicated CentOS 7 (virtual or physical), with the following minimum specifications:
- 2 CPU
- 4GB RAM
- 10GB+ partition for OS
Additional Requirement
This server MUST NOT be used for any other purpose in the future.
You MUST be able to execute commands as root on the system without limitation.
The server MUST be accessible from the public internet.
The static IP MUST have a publicly resolvable DNS entry, typically of the form idp.example.edu.
The following ports and inbound/outbound connections MUST be allowed:
Outbound:

Port | Purpose |
---|---|
80 | Outbound HTTP connections |
443 | Outbound HTTPS connections |

Inbound:

Port | Purpose |
---|---|
80 | Inbound HTTP connections used within SAML flows |
443 | Inbound HTTPS connections used within SAML flows |
8443 | Backchannel, client verified TLS connections, used within SAML flows |
An account which can bind to and run queries against your corporate directory service. You’ll require the following pieces of information from your directory administrator:
- IP Address / DNS entry for your LDAP server and connection port
- Base DN for user objects within your directory
- The Bind DN of the account you wish to connect to the directory with
- The password for the above account
- An LDAP filter attribute, often uid
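Before entering these directory details into the installer, you can confirm that the bind account really can search for a user. The script below is an added example, not part of the original guide or of the installer: it uses the OpenLDAP ldapsearch client, and every host name, DN and user name in it is a constructed placeholder. Treating port 636 as LDAPS is an assumption.

```shell
#!/bin/sh
# Added example: check the LDAP details collected above.
# All names and values are constructed placeholders.

# Escape a value for use inside an LDAP search filter (RFC 4515):
# '\' -> \5c, '*' -> \2a, '(' -> \28, ')' -> \29.
# The backslash is handled first so later escapes are not re-escaped.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g'  -e 's/)/\\29/g'
}

# Build a single-user filter of the form (<filter attribute>=<user>).
ldap_user_filter() {
    printf '(%s=%s)' "$1" "$(ldap_escape "$2")"
}

# Build the LDAP URI from host and port.
# Assumption: port 636 means LDAPS, any other port plain LDAP.
ldap_uri() {
    if [ "$2" = 636 ]; then
        printf 'ldaps://%s:%s' "$1" "$2"
    else
        printf 'ldap://%s:%s' "$1" "$2"
    fi
}

# Bind as the service account and look up one test user.
# -W prompts for the bind password, so it is not stored in shell
# history or visible in the process list.
# Arguments: host port base_dn bind_dn filter_attr test_user
check_bind() {
    ldapsearch -x -LLL -H "$(ldap_uri "$1" "$2")" -D "$4" -W \
        -b "$3" "$(ldap_user_filter "$5" "$6")" dn
}

# Example invocation (constructed values):
# check_bind ldap.example.edu 389 "ou=people,dc=example,dc=edu" \
#     "cn=idp-bind,ou=services,dc=example,dc=edu" uid jsmith
```

A successful run prints the DN of the test user; a bind failure or an empty result means one of the values above needs to be corrected with your directory administrator.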
Install Guide
Install EPEL Repository
Download the bootstrap script
Edit the bootstrap script
Run the bootstrap.sh script
Customization
All modifiable configuration is located in the directory:
The structure of your configuration directory will look like the following:
If you made any changes to one of the files above, you need to run the following command: