Unsuccessfull Issuance Authorization Rule with regex
问题 I'm trying to make a Authorization Rule in ADFS 3.0, disabling some users in a specific "OU" form using a "relying party", with no success. On the Issuance Transform Rules, i've configured the claim "http://schemas.microsoft.com/ws/2008/06/identity/claims/distinguishedname" to get the Distinguished name from AD. Here is an example: CN=John Doe,OU=XYZ,OU=ABC,DC=CONTOSO,DC=com This rule should deny access from users in the XPTO OU c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity