ADFS with SAML Authentication

  • Question

  • Hi,

    I am trying to set up SAML with ADFS in order to authenticate my web application using Active Directory users. How can I let ADFS send either the short name that is "Administrator" or the domain-qualified name during authentication? The user Administrator is failing the credentials at the SAML end. Can I get help on this?

    Thanks!



    • Edited by DXAVIER2016 Thursday, April 7, 2016 4:02 AM
    Wednesday, April 6, 2016 3:27 PM

All replies

  • You need to know what claim type and what format the application is expecting. So go talk to the admin of the app, and ask for this information :)

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Wednesday, April 6, 2016 3:48 PM
  • Create a Claim Rule in ADFS that issues SAM-Account-Name or User-Principal-Name as NameID. Don't use the Administrator account when testing. Use a "normal" user account.

    WORK

    Wednesday, April 6, 2016 8:40 PM
  • Hi,

    The application is expecting to receive a <NameId> element in the Subject of the SAMLResponse which contains either the shortname or the full DN of the user as its value.

    Thursday, April 7, 2016 4:05 AM
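To confirm which form of the user name ADFS is actually placing in the Subject NameID, the captured SAMLResponse can be decoded and inspected. The following is an added example, not part of the thread: the function names, the sample response and the `contoso.example` values are constructed for illustration, and the script assumes an unencrypted assertion from the HTTP-POST binding and does not verify the signature.

```python
import base64
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def classify(value):
    """Guess which account-name form a NameID value uses."""
    if re.fullmatch(r"[^\\@=,]+\\[^\\@=,]+", value):
        return "domain-qualified"   # DOMAIN\user
    if re.fullmatch(r"[^\\@=,\s]+@[^\\@=,\s]+", value):
        return "upn"                # user@domain (User-Principal-Name)
    if re.match(r"(?i)(cn|uid)=[^,]+,", value):
        return "dn"                 # LDAP distinguished name
    return "short-name"             # bare SAM-Account-Name

def inspect_name_id(b64_response):
    """Return (value, format, kind) for Subject/NameID, or None if absent."""
    root = ET.fromstring(base64.b64decode(b64_response))
    node = root.find(".//saml:Assertion/saml:Subject/saml:NameID", NS)
    if node is None or not (node.text or "").strip():
        return None  # no NameID present (none issued, or assertion encrypted)
    value = node.text.strip()
    fmt = node.get("Format", "unspecified (attribute absent)")
    return value, fmt, classify(value)

def sample_response(name_id, fmt):
    """Build a minimal, constructed SAMLResponse for offline testing."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        '<saml:Assertion><saml:Subject>'
        f'<saml:NameID Format="{fmt}">{name_id}</saml:NameID>'
        '</saml:Subject></saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    unspecified = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
    for name in ("jdoe", "CONTOSO\\jdoe", "jdoe@contoso.example",
                 "CN=J Doe,OU=Users,DC=contoso,DC=example"):
        print(inspect_name_id(sample_response(name, unspecified)))
```

Comparing the reported form and Format against what the application's administrator says it expects shows whether the claim rule needs to issue a different attribute as NameID.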