locked
ADFS Claim Rule RegEx Filter RRS feed

  • Question

  • Hi All,

    Just wanted to ask. I am trying to Figure out how to send the manager as a Claim. 

    The current attribute value of the manager in the users account is "CN". E.g format of the CN=Last Name\, First Name, OU=Users, OU=EUR, DC=EU

    What the business want is to pass the manager just first and the last name. I am trying to filter out just to get the value of CN up until the second comma:

    Last Name\, First Name and remove the "\". 

    The current rules that I have as of now are:

    Rule 1:

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => add(store = "Active Directory", types = ("http://test.com/phase1"), query = ";Manager;{0}", param = c.Value);

    Rule 2:

    c:[Type == "http://test.com/phase1"]
     => add(Type = "http://test.com/phase2", Value = RegExReplace(c.Value, ",[^,]*,[^,]*", ""));

    Rule 3:

    c:[Type == "http://test.com/phase2"]
     => issue(Type = "http://schemas.xmlsoap.org/claims/manager", Value = RegExReplace(c.Value, "^CN=", ""));

    Which the output of my current claim rules only pass " last name\,"

    Thank you in advance!!!

    Thursday, February 22, 2018 1:32 PM

All replies

  • Hello Mike

    If I was doing this in PowerShell I would do something like the following

    [regex]::Replace('CN=Brant\, Ernest, OU=Users, OU=EUR, DC=EU', '^CN=(\w+).+$','$1')
    [regex]::Replace('CN=Brant\, Ernest, OU=Users, OU=EUR, DC=EU', '^CN=.*\\, (\w+),.+','$1')

    which would give me

    Brant
    Ernest

    respectively

    As long as you are using the same Regex engine (I have come across two in .NET) than you should get the same result.

    Hope that helps

    Ernest Brant

    Thursday, February 22, 2018 2:09 PM
  • Hello Mike,

    You can also test out regex's by using an online regex tester, ie https://regex101.com/

    Best,

    Steven


    • Edited by Steven_1990 Friday, February 23, 2018 8:21 PM
    Friday, February 23, 2018 8:21 PM
  • Is this solved? Or do we need to add details and example here?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, March 6, 2018 6:58 PM