问题
Can you guys help me out on how to send DN in a claim from ADFS 2.0?
Thanks!
回答1:
There doesn't seem to be a standard URI for DN but you can always roll your own.
The ADFS claims rules box is actually configurable - refer ADFS : Selecting claim that's not in the default drop down
So in the "LDAP Attribute" enter "DN" and in the "Outgoing Claim Type" enter something like "http://company.com/identity/claims/DistinguishedName".
Edited:
LDAP attributes see here : Selected LDAP Attributes
回答2:
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"] => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"), query = "; distinguishedName;{0}", param = c.Value);
来源:https://stackoverflow.com/questions/11968455/send-distinguished-name-adfs-2-0