none
ADFS Claim to convert all to lowercase RRS feed

  • שאלה

  • Greetings all

    ADFS noob here.

    I have had a look through this article and i have pretty much the same request just all lowercase.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/109a226d-b9c5-47b4-98ab-2d9e6446b1e4/adfs-claim-to-convert-user-id-to-uppercase?forum=ADFS


    I have reversed the user '32136554' suggestion to make all lowercase, however i am struggling on the logic on how/where to put the rule and the ordering within the issuance transform rules tab.

    I am assuming the below code i cant just copy and put into one rule and ADFS gives an error that only one rule may be added for each custom rule. So i have made 2 rules, 1st one starting with the "c:[Type" and ending with c.Value);" and the 2nd rule starting with "c:[Type == "temp_email"]"

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => add(store = "Active Directory", types = ("temp_email"), query = ";mail;{0}", param = c.Value);
    c:[Type == "temp_email"]
     => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", Value = RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(RegExReplace(c.Value, "A", "a"), "B", "b"), "C", "c"), "D", "d"), "E", "e"), "F", "f"), "G", "g"), "H", "h"), "I", "i"), "J", "j"), "K", "k"), "L", "l"), "M", "m"), "N", "n"), "O", "o"), "P", "p"), "Q", "q"), "R", "r"), "S", "s"), "T", "t"), "U", "u"), "V", "v"), "W", "w"), "X", "x"), "Y", "y"), "Z", "z"));

    So what i am trying to ask is we already have claims set up for this RP, below is the rule language...how do i do the ordering of it so the lowercase rule applies along with the claims sent below?

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => issue(store = "Active Directory", types = ("oa_unique", "oa_mail", "oa_lastname", "oa_firstname", "oa_displayname", "oa_memberOf", "oa_UPN", "oa_samaccount"), query = ";ObjectGUID,mail,sn,givenName,displayName,memberOf,userPrincipalName,sAMAccountName;{0}", param = c.Value);

    Your help is very much appreciated,

    יום שני 05 אוגוסט 2019 10:39

כל התגובות