Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

«
»

(2014-09-29) Default Claims Rules In ADFS To Support SSO Through Federation With Azure AD/Office 365

Posted by Jorge on 2014-09-29


Just for reference I posting the default claims rules in ADFS to support SSO through federation with Azure AD/Office 365.

@RuleName = "Identity Claims – Windows Account Name To UPN, ImmitableID"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/claims/UPN","http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID"), query = "samAccountName={0};userPrincipalName,objectGUID;{1}", param = regexreplace(c.Value, "(?<domain>[^\\]+)\\(?<user>.+)", "${user}"), param = c.Value);

@RuleName = "Identity Claims – ImmitableID To Name ID"
c:[Type == "http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID"]
=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = c.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

Advertisement

This entry was posted on 2014-09-29 at 23:00 and is filed under Active Directory Federation Services (ADFS), Azure AD / Office 365, Transform Rules. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “(2014-09-29) Default Claims Rules In ADFS To Support SSO Through Federation With Azure AD/Office 365”

  1. (2014-11-21) Troubleshooting SSO Issues In Azure AD, Office 365 Or Windows Intune « Jorge's Quest For Knowledge! said

    2014-11-21 at 23:00

    […] (2014-09-29) Default Claims Rules In ADFS To Support SSO Through Federation With Azure AD/Office 365 […]

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

«
»
 
%d bloggers like this: