How to implement Active Directory resolution with SAML authentication in SharePoint 2010?

If you configured a SharePoint web application in claims mode with federated authentication (with an external STS such as ADFS), you have certainly noticed that out of the box SharePoint does not offer any search or resolution against Active Directory. And you certainly thought it would be really nice to have it.

Well, there are good reasons for this: since users authenticate against an external STS, SharePoint cannot know whether they authenticated inside or outside the organization, nor whether they authenticated against an LDAP directory or a totally different login system such as a SQL database.

Fortunately, SharePoint lets developers create a claims provider that implements this, and I recently published mine on CodePlex: https://ldapcp.codeplex.com/. It integrates easily with existing environments, does not mess up anything and is available for free with the source code!

Comments

  • Anonymous
    September 05, 2013
    Hi Yvan, Thank you for the LDAPCP solution. It works really great. One question though, it doesn't resolve AD Security Groups. Is there a configuration change I need to make to work this out? Thanks, SV

  • Anonymous
    May 20, 2014
    Hello, thank you for your feedback and sorry for my late reply. Actually it does resolve them, but only if the associated claim type is present in the SPTrustedIdentityTokenIssuer. Did you verify this? Cheers, Yvan
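
The check suggested in the reply above, as an added PowerShell example that is not part of the original post, its comments or LDAPCP: it lists the claim type mappings of a trusted identity token issuer and reports whether a given claim type is among them. The function name, the issuer name `ADFS` and the role claim type used for groups are assumptions; substitute the values from your own farm.

```powershell
# Added example. Run in the SharePoint 2010 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Hypothetical helper: returns $true when $ClaimType is mapped in the issuer.
function Test-TrustedIssuerClaimType {
    param(
        [Parameter(Mandatory = $true)][string]$IssuerName,
        [Parameter(Mandatory = $true)][string]$ClaimType
    )

    $issuer = Get-SPTrustedIdentityTokenIssuer -Identity $IssuerName -ErrorAction SilentlyContinue
    if ($null -eq $issuer) {
        Write-Warning "No SPTrustedIdentityTokenIssuer named '$IssuerName' was found."
        return $false
    }

    # Show the identity claim and every mapping, so a typo or a different
    # URI than the one the STS actually sends is easy to spot.
    Write-Host "Identity claim type: $($issuer.IdentityClaimTypeInformation.MappedClaimType)"
    $issuer.ClaimTypeInformation |
        Select-Object DisplayName, InputClaimType, MappedClaimType |
        Format-Table -AutoSize | Out-Host

    # A mapping can rename the incoming claim, so compare both sides.
    $match = $issuer.ClaimTypeInformation | Where-Object {
        $_.InputClaimType -eq $ClaimType -or $_.MappedClaimType -eq $ClaimType
    }

    if ($match) {
        Write-Host "Claim type '$ClaimType' is mapped in '$IssuerName'."
        return $true
    }
    Write-Warning "Claim type '$ClaimType' is not mapped in '$IssuerName'."
    return $false
}

# Assumed values: issuer name 'ADFS' and the role claim type carrying groups.
Test-TrustedIssuerClaimType -IssuerName 'ADFS' `
    -ClaimType 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role'
```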