Home 2012 August

Send distinguishedName as claim with AD FS

Custom claim rule to send the OU as a claim:

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/ou"), query = "sAMAccountName={0};distinguishedName;{1}", param = regexreplace(c.Value, "(?<domain>[^\\]+)\\(?<user>.+)", "${user}"), param = c.Value);
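The rule above issues the full distinguishedName under the `ou` claim type, so a relying party that wants the OU itself has to parse it out of the DN. The following is an added example, not part of the original post, that does this in Python while honoring RFC 4514 backslash escapes; the function names and sample DNs are constructed for illustration, and multi-valued RDNs and multi-byte hex escapes are assumed not to occur.

```python
import re

def split_dn(dn):
    """Split a distinguishedName into RDN strings on unescaped commas only."""
    rdns, current, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            # Keep the escape pair intact; an escaped comma is data, not a separator.
            current.append(dn[i:i + 2])
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(current))
            current = []
        else:
            current.append(ch)
        i += 1
    rdns.append("".join(current))
    return [r.lstrip() for r in rdns if r.lstrip()]

def unescape(value):
    """Decode \\XX hex pairs and single-character escapes in one left-to-right pass."""
    def repl(match):
        token = match.group(1)
        return chr(int(token, 16)) if len(token) == 2 else token
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def ou_from_dn(dn):
    """Return the OU values found in the DN claim, leaf-most first."""
    ous = []
    for rdn in split_dn(dn):
        attr, _, value = rdn.partition("=")
        if attr.strip().upper() == "OU":
            ous.append(unescape(value))
    return ous

# Constructed sample claim values (not taken from a real directory).
DN_SIMPLE = r"CN=jdoe,OU=Finance,OU=Staff,DC=example,DC=com"
DN_ESCAPED = r"CN=Doe\, Jane,OU=R\+D\, Labs,DC=example,DC=com"
DN_NO_OU = r"CN=svc,CN=Users,DC=example,DC=com"

if __name__ == "__main__":
    for dn in (DN_SIMPLE, DN_ESCAPED, DN_NO_OU):
        print(dn, "->", ou_from_dn(dn))
```

Accounts in a container such as `CN=Users` yield an empty list, so authorization logic built on this claim should treat "no OU" as its own case rather than assuming one is always present.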

 
 