question

SukhwinderSingh-7853 avatar image
0 Votes"
SukhwinderSingh-7853 asked ·

ADFS Group membership Claim

Hi All,

We have ADFS 3.0 and we have relying party trust where we are sending User's group membership as claim. The rule details are provided below and it works fine for users of our Test Domain.
Now we have certain users which are part of trusted Domain and they are added to the some local group in our Domain. We have checked the claim but all Group membership for those users are not coming. Only the group membership from users Domain are reflected but not the trusted Domain.
Is there a way to achieve it

Rule:

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> add(store = "Active Directory", types = ("groups"), query = ";memberOf;{0}", param = c.Value);

adfs
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers