ADFS 4.0, Federated with external IDP

BlackCat 86 Reputation points
2024-08-30T06:53:42.3133333+00:00

Scenario:

ADFS at forest root domain Root.local

Federated with an external IDP sending NameID to ADFS

At ADFS, a Claims Provider Trust was created that passes NameID through

At child domain A.root.local we created a shadow account to match the NameID sent from the external IDP

A SAML 2.0 app is onboarded at ADFS but uses a security group as Role at child domain A.Root.local (domain NetBIOS name A)

The external IDP successfully sends NameID to ADFS for login. The question is: how do I transform that NameID from the external IDP to add A\NameID or nameID@a.root.local, so that it queries the security group at the child domain and sends it as Role?

I am trying to add the domain NetBIOS name A to NameID in the format A\NameID to the store, and then have another rule look up the security group at the child domain to send as Role.

Thanks
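The two-rule approach described in the question, written out as ADFS custom claim rules and applied to the relying party trust. This is an added example, not code from the post or from Microsoft; it assumes a relying party trust named "SAML-App" (placeholder), uses "A" as the NetBIOS name exactly as stated in the question, assumes the shadow account's sAMAccountName equals the NameID value, and relies on the claim rule language treating the backslash in "A\" as an ordinary character.

```powershell
# Added example: issuance transform rules for the SAML 2.0 relying party trust.
# Placeholder name for the relying party trust (not from the post).
$rpName = "SAML-App"

$rules = @'
@RuleName = "NameID from external IDP -> A\NameID (kept internal, not issued)"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"]
 => add(Type = "http://schemas.xmlsoap.org/ws/2008/06/identity/claims/windowsaccountname",
        Value = "A\" + c.Value);

@RuleName = "Query tokenGroups of the shadow account in A.root.local, send as Role"
c:[Type == "http://schemas.xmlsoap.org/ws/2008/06/identity/claims/windowsaccountname"]
 => issue(store = "Active Directory",
          types = ("http://schemas.microsoft.com/ws/2008/06/identity/claims/role"),
          query = ";tokenGroups;{0}",
          param = c.Value);

@RuleName = "Pass through NameID to the application"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"]
 => issue(claim = c);
'@

# Append to whatever rules the trust already has, so nothing existing is lost.
$rp = Get-AdfsRelyingPartyTrust -Name $rpName
$combined = $rp.IssuanceTransformRules + "`n" + $rules
Set-AdfsRelyingPartyTrust -TargetName $rpName -IssuanceTransformRules $combined

# Review the result.
(Get-AdfsRelyingPartyTrust -Name $rpName).IssuanceTransformRules
```

The first rule uses `add` rather than `issue`, so the constructed A\NameID stays inside the pipeline for the second rule's Active Directory lookup and is never sent to the application; only the Role claims and the pass-through NameID are issued.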
