ADFS Group membership Claim

asked 2020-05-21T09:16:01.79+00:00
Sukhwinder Singh 41 Reputation points

Hi All,

We have ADFS 3.0 and we have a relying party trust where we are sending the user's group membership as a claim. The rule details are provided below, and it works fine for users of our Test Domain.
Now we have certain users who are part of a trusted domain, and they are added to some local group in our domain. We have checked the claim, but not all group memberships for those users are coming through. Only the group memberships from the user's domain are reflected, but not those from the trusted domain.
Is there a way to achieve this?

Rule:

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> add(store = "Active Directory", types = ("groups"), query = ";memberOf;{0}", param = c.Value);

Active Directory Federation Services