locked
Where can I find documentation on the preconfigured claims rules types RRS feed

  • Question

  • Hello

    I was reading the following article which relates to writing AD FS Claims Rules, using Active Directory as the attribute store.

    https://social.technet.microsoft.com/wiki/contents/articles/16161.ad-fs-2-0-using-regex-in-the-claims-rule-language.aspx

    the above article mentioned a number of 'Types' such as  

    http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname

     

    however if I look at the AD Schema (using ADSiEdit.msc)  I do not see an attribute called windowsaccountname or indeed accountname therefore I cannot just replace the last part of the type with the AD schema LDAP displayname for example and hope to get a match. Therefore I have to know the correct type in advance and what the type refers back to in AD

    Is there a list please, where I can look up this information

    Thanks very much in advance,

    JoJacksons

    Sunday, March 18, 2018 5:32 PM

All replies

  • The windowsaccountname is sAMAccountName in AD.

    Sunday, March 18, 2018 6:27 PM
  • Thanks very much for taking the time to my question nzpcmad1

    Do you know if there is a reference document (or some other way like a script etc.) where I can see which attribute matches to which other attribute from these predefined types like 

    http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname

    Thanks very much

    JoJacksons

    Thursday, March 22, 2018 5:44 AM
  • Only the claims defined in the Active Directory Claim Provider trusts have an actual "mapping". For all the other rules you create, you create the mapping you want.

    Unless you mean the "mapping" in the wizard for the Active Directory Attribute Store:

    In that case, they are all more or less self explanatory. They are mapped to AD attribute. And if you are not sure, you can type whatever you want (like for stuff not in the list). Example, map the AD attribute customAtt1 to a claim called http://claims/custom1:

    The wizard is just here to save you some time.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, March 26, 2018 1:14 PM