ADFS

From WikiWiki
Revision as of 14:00, 21 November 2013 by Mendel (talk | contribs) (Created page with "<syntaxhighlight lang="text"> 1 c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORTIY"] => add(store = "Active Dire...")
(change visibility) (diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
1
 c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORTIY"]
=> add(store = "Active Directory", types = ("http://schemas.xmlsoap.org/claims/Group"), query = ";memberOf;{0}", param = c.Value);

c:[Type == "http://schemas.xmlsoap.org/claims/Group", Value =~ "(?i)ug-sec"]
=> issue(claim = c);


2
c1:[Type == "http://schemas.xmlsoap.org/claims/Group"]
 && c2:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.microsoft.com/ws/2008/06/identity/claims/role"), query = "(&(distinguishedName={0})(info=Role));name;{1}", param = c1.Value, param = c2.Value);
 
 
 
 
 
 
 
 origineel
 c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", "http://schemas.xmlsoap.org/claims/Company", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "http://schemas.xmlsoap.org/claims/Group"), query = ";userPrincipalName,sAMAccountName,company,mail,displayName,tokenGroups;{0}", param = c.Value);

 
 
 
 
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORTIY"]
=> add(store = "Active Directory", types = ("http://schemas.xmlsoap.org/claims/Group"), query = ";memberOf;{0}", param = c.Value);
c:[Type == "http://schemas.xmlsoap.org/claims/Group", Value =~ "(?i)adfs"
=> issue(claim = c);