Best Practices Question

SAML problem with SMA

04/28/2020 274 views

We were using ldap successfully but have a need to use SAML SSO.  We followed the documentation to get connected and ran into a problem.  In LDAP the login ID is first initial last name from Active Directory; but in azure what is sent as a claim is the email address.  So we end up with a new account for each user.  Futhermore required fields like job title and division are not being sent at all.  Was working with someone from KACE but he was not able to get the problem resolved.

He did have me install a chrome SAML utility which shows the same XML. so for username from Azure what it sends is "<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">"

Has anyone had any luck declaring additional "claims" in azure?  This far we cant seem to get Azure to send what we need. 

1 Comment   [ + ] Show comment


Be the first to answer this question

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ