HELP FILE

Integrate Azure Active Directory with LogMeIn Central for additional authentication.

Prerequisites:
  • An Azure Active Directory Premium subscription.
  • An active LogMeIn Central subscription.
Note: For more information using SAML with Azure Active Directory, see Microsoft's support site.

Configure your Azure Active Directory Account

  1. Log in to https://portal.azure.com.
  2. Navigate to Azure Active Directory > Enterprise Applications > New application. The Add an application menu is displayed.
  3. Select Non-gallery application. The Add your own application menu is displayed.
  4. Give the new application a name and click Add.
  5. Click Single sign-on > SAML.
  6. Under Basic SAML Configuration, set the following values:
    Identifier (Entity ID) https://accounts.logme.in
    Reply URL https://accounts.logme.in/federated/saml2.aspx?returnurl=https%3A%2F%2Fsecure.logmein.com%2Ffederated%2Floginsso.aspx
  7. Click Save.
  8. Under SAML Signing Certificate, download the Certificate (Raw) and Federated Metadata XML.

Allow Data to be sent to LogMeIn

For more information, see Microsoft's support site.
Note: The following claims are required by LogMeIn, but they are usually part of the default Azure AD SAML configuration. The following claims must be included in the User attributes and claims configuration.
  1. Log in to https://portal.azure.com.
  2. Navigate to Azure Active Directory > Enterprise Applications > All application.
  3. Click the previously configured application name. The Set up Single Sign-On with SAML menu is displayed.
  4. Next to User Attributes & Claims, click the edit icon.
  5. Under Claim Name, the following information is required:
    Name Description Full Schema Address
    Email The email address you registered with LogMeIn http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    Given name Your first/given name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
    Surname Your surname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

Provide information to LogMeIn

Provide the relevant information to LogMeIn and we make adjustments on your account. Contact your LogMeIn Account Manager to begin the SAML process.

 
  1. Verify domain ownership.

    You must prove ownership of your domain before Azure Active Directory can be activated for your account. There are two methods of verification: HTML upload and DNS record.

    Option Procedure
    Verify domain ownership by HTML Upload
    1. Create an html file named logmein-domain-confirmation.html to the website for your planned ADFS domain.
    2. In the logmein-domain-confirmation.html file, include a random string. Example: logmein-domain-confirmation jska7893279jkdhkkjdhask
    3. After you have created the logmein-domain-confirmation.html file containing the random string, email your LogMeIn Account Manager with the string and they will confirm the logmein-domain-confirmation.html is visible and contains the correct information.
    Verify domain ownership by DNS record
    1. Create a TXT for your domain's DNS entry with the value logmein-domain-confirmation.
    2. In the logmein-domain-confirmation.txt file, include a random string. Example: logmein-domain-confirmation jska7893279jkdhkkjdhask
    3. After you have created the logmein-domain-confirmation file containing the random string, email your LogMeIn Account Manager and they will confirm the logmein-domain-confirmation file is visible and contains the correct information.
    Tip: If you do not have a LogMeIn Account Manager, you can contact support.
  2. From https://portal.azure.com, the Certificate (Raw) and Federated Metadata XML must be given to your LogMeIn Account Manager.
    Tip: If you do not have a LogMeIn Account Manager, you can contact support.
Once your LogMeIn representative has configured the SAML 2.0 connection using the information provided, your users gain access to the appropriate LogMeIn account and permissions via the IdP as the authentication source. It may take up to 30 minutes for the SSO service to be established for the first time.