If a customer is configuring an AWS load balancer in front of SDM, then it may be necessary to configure a friendly URL to access the load balancer.

This environment also has Azure SSO configured with SAML.

How should Service Desk Manager be configured to accept the traffic from the load balancer?

CA Service Desk Manager 17.3

All Supported Operating Systems

In Azure SSO Settings under Basic SAML Configuration please configure the friendly URL in all sections:

Example

https://<friendly URL>/CAisd/pdmweb.exe

In federation.properties configure

federation.trustedissuers.issuer=https://login.microsoftonline.com/<Get this value from Azure>/wsfed
federation.trustedissuers.thumbprint=<Get this value from Azure>
federation.trustedissuers.friendlyname=https://sts.windows.net/<Get this value from Azure>/
federation.audienceuris=https://<FRIENDLY_URL>/CAisd/pdmweb.exe|https://<FRIENDLY_URL>/CAisd/pdmweb.exe
federation.realm=https://<FRIENDLY_URL>/CAisd/pdmweb.exe
federation.enableManualRedirect=False
federation.reply=https://<FRIENDLY_URL>/CAisd/pdmweb.exe

Additionally, further exceptions will be need to be made in Azure under customers WAF, but this is outside the scope of Broadcom Support so customer will need to consult their Azure admins/architects

• AWS WAF needs exceptions to unblock the items coming from CA Service Desk
• The friendly name is the shortened/alias URL used by the load balancer that will translate back to the longer SDM URL (the default one created when SDM is installed)