Create an Microsoft IIS IWA application
During this task we will create the required Microsoft IIS IWA application in Access Gateway.
- Sign in to the Access Gateway Admin UI console.
Click the Applications tab.
Click +Add to add a new application.
- Select Microsoft IIS IWA from the left column menu, and click Create.
If the Microsoft IIS, OWA, or Sharepoint IWA applications are disabled, ensure that there is a valid Kerberos service configured in settings.
- If required, expand the Essentials pane and enter:
Field Value Label The name of the application, as shown in your Okta Tenant.
For example:Microsoft IIS Application
Public Domain The externally facing URL of the application.
For example: https://iis.idaasgateway.net
Protected Web Resource Fully qualified URL to the Microsoft backing application. Group The group containing users who can access the application.
- Expand the Certificates tab.
By default a wild card self signed certificate is created and assigned to the application when the application is initially created.
- Optional. Click Generate self-signed certificate
A self-signed certificate is created and automatically assigned to the application.
- Optional. Select an existing certificate from the list of provided certificates.
Use the Search field to narrow the set of certificates by common name.
Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.
- Click Next
- In the Application pane, enter:
Field Value Kerberos Realm Enter the name of the associated realm
- Click Next.
- In the Attributes pane:
Click Add attribute to add an attribute what corresponds to sAMAccountName.
- Verify he following:
IDP attribute that correlates with the users sAMAccountName
- Click Save.
- Click Done.
While optional, Okta recommends that all applications include certificates.
See About Access Gateway certificates for general information about certificate.
See Certificate management tasks for a general task flow for obtaining and assigning certificates.
The application is added and the Application list page is displayed.