@Pierre Audonnet - MSFT Thank you for your reply. I will check the Azure AD Connect wizard part. For now I have configured it for the employeeId.
Here we have an application that checks the employeeid, queries the groups (Member Of) assigned to the users, and authorizes based on them.
Below is the ADFS custom claim rule:
Pull memberOf, add to working set “phase 1”
c:[Type == "employeeid"] => add(store = "NewCVCAuth", types = ("phase1"), query = "employeeid={0};MemberOf", param = c.Value);
Drop everything after the first comma, add to working set “phase 2”
c:[Type == "phase1"] => add(Type = "phase2", Value = RegExReplace(c.Value, ",[^\n]*", ""));
Remove CN
c:[Type == "phase2"] => issue(Type = "group", Value = RegExReplace(c.Value, "^CN=", ""));
Send groups:
c:[Type == "group", Value =~ "(group1|group2|group3|group4)"] => issue(claim = c);
How can we pass this in Azure Attributes & Claims?
Note: Refer to "https://social.technet.microsoft.com/wiki/contents/articles/16161.ad-fs-2-0-using-regex-in-the-claims-rule-language.aspx" - Real world Examples Problem 1
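
The three rules above, replayed over sample data as an added example that is not part of the original post: it shows which group values each phase produces and why the unanchored `=~` filter admits names that merely contain an allowed group, so any replacement claims transformation can be checked against the same inputs. The function names and sample distinguished names are constructed for illustration, and `=~` is assumed to behave as an unanchored regex match.

```python
import re

# Constructed sample memberOf values (distinguished names), not from the post.
SAMPLE_MEMBER_OF = [
    "CN=group1,OU=Groups,DC=example,DC=com",
    "CN=group10,OU=Groups,DC=example,DC=com",
    "CN=not-group2-contractors,OU=Groups,DC=example,DC=com",
    "CN=group3\\, EMEA,OU=Groups,DC=example,DC=com",  # escaped comma in the CN
    "CN=unrelated,OU=Groups,DC=example,DC=com",
]

ALLOWED = ["group1", "group2", "group3", "group4"]


def phase2(dn):
    """Phase 2 rule: drop everything from the first comma onward."""
    return re.sub(r",[^\n]*", "", dn)


def phase3(value):
    """Phase 3 rule: strip the leading 'CN='."""
    return re.sub(r"^CN=", "", value)


def group_names(member_of):
    """Run phases 2 and 3 over every memberOf value."""
    return [phase3(phase2(dn)) for dn in member_of]


def filter_as_posted(names):
    """Allow-list as written in the rule: unanchored, so substrings match."""
    pattern = "(" + "|".join(ALLOWED) + ")"
    return [n for n in names if re.search(pattern, n)]


def filter_anchored(names):
    """Same allow-list anchored with ^...$ so only exact names pass."""
    pattern = "^(" + "|".join(re.escape(g) for g in ALLOWED) + ")$"
    return [n for n in names if re.search(pattern, n)]


if __name__ == "__main__":
    names = group_names(SAMPLE_MEMBER_OF)
    print("extracted:", names)
    print("as posted:", filter_as_posted(names))
    print("anchored: ", filter_anchored(names))
```

The escaped-comma entry is cut at the backslash by phase 2, so a group whose CN contains a comma never yields its real name; matching on the full distinguished name or on a group identifier avoids both that truncation and the substring match.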