Send objectGUID as an AD FS 2.0 Claim

5,980

Solution 1

The objectGuid LDAP attribute can be sent as the value of any claim by using "Send LDAP Attributes as Claims Rule" and specifying objectGuid as the source attribute. ADFS has no specific knowledge of LDAP attributes, and if you were to extend your LDAP schema, you could use those just as easily as any other. The particular claim you must transform it to is mandated by the relying party.

If you are just using it as the user's unique ID, you might send it as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier (Private Personal Identifier), but you might also send it in a claim specific to your particular RP (which is when you would need to add a claim description).

Solution 2

Refer to "ADFS: objectGUID as a claim".

The problem isn't so much accessing it but the fact that it "converts" it to something that doesn't match the original entry in AD.
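The mismatch described above (AD FS sending a Base64 string rather than the GUID text you see in AD) is easy to verify once you know that the claim value is the Base64 encoding of the raw 16-byte objectGUID attribute, and that AD's GUID text uses the Windows little-endian byte layout for the first three fields. The following Python is an added example (not code from the original answers or from AD FS) that converts in both directions so you can match a received claim back to the account it came from; the GUID values in it are constructed, and the encoding it mimics is the Base64-of-raw-bytes behaviour noted in the comments, stated here as an assumption.

```python
import base64
import uuid


def claim_value_to_raw_bytes(claim_value: str) -> bytes:
    """Decode the Base64 claim value and check it is a 16-byte GUID.

    validate=True rejects stray characters so a truncated or tampered value
    fails loudly instead of silently decoding to something else.
    """
    raw = base64.b64decode(claim_value, validate=True)
    if len(raw) != 16:
        raise ValueError(f"expected 16 GUID bytes, got {len(raw)}")
    return raw


def claim_value_to_objectguid(claim_value: str) -> str:
    """Turn the Base64 claim value into the GUID text AD displays.

    bytes_le= tells uuid to read the first three fields little-endian,
    which is how objectGUID is stored in the directory.
    """
    return str(uuid.UUID(bytes_le=claim_value_to_raw_bytes(claim_value)))


def objectguid_to_claim_value(guid_text: str) -> str:
    """Mimic the assumed AD FS behaviour: Base64 of the raw LDAP bytes."""
    return base64.b64encode(uuid.UUID(guid_text).bytes_le).decode("ascii")


def claim_matches_account(claim_value: str, ad_guid_text: str) -> bool:
    """Compare a received claim with the objectGUID recorded for an account.

    Comparing the decoded GUID (not the raw strings) avoids false mismatches
    caused by upper/lower case or brace formatting in the AD-side value.
    """
    try:
        return uuid.UUID(bytes_le=claim_value_to_raw_bytes(claim_value)) == uuid.UUID(ad_guid_text)
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample GUID, not a real directory object.
    sample_guid = "12345678-9abc-def0-1234-56789abcdef0"
    claim = objectguid_to_claim_value(sample_guid)
    print("AD shows:      ", sample_guid)
    print("AD FS sends:   ", claim)
    print("decoded back:  ", claim_value_to_objectguid(claim))
    print("matches account:", claim_matches_account(claim, sample_guid))
```

Note that the first byte of the decoded value for the sample GUID is 0x78, not 0x12: if you decode with the network (big-endian) layout instead of bytes_le you get a GUID whose first three fields are byte-swapped, which is a common reason a "unique ID" claim appears not to match anything in AD.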



Author: Wes

Updated on September 18, 2022

Comments

  • Wes, over 1 year ago

    I would like to send objectGUID as a claim with AD FS 2.0 running on Windows Server 2012.

    I know I can create Issuance Transform Rules for a Relying Party Trust, but how does AD FS 2.0 know about objectGUID? Do I need to add a claim description for objectGUID under AD FS\Service\Claim Descriptions?

  • Wes, over 10 years ago

    Your blog post was helpful in discovering the base64 behavior with AD FS. I'm not so concerned that the value sent as the AD FS claim is not the actual value. My main concern is that I am able to extract a unique/immutable value for each user.