Best Practices Question
SAML problem with SMA
We were using ldap successfully but have a need to use SAML SSO. We followed the documentation to get connected and ran into a problem. In LDAP the login ID is first initial last name from Active Directory; but in azure what is sent as a claim is the email address. So we end up with a new account for each user. Futhermore required fields like job title and division are not being sent at all. Was working with someone from KACE but he was not able to get the problem resolved.
He did have me install a chrome SAML utility which shows the same XML. so for username from Azure what it sends is "<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">"
Has anyone had any luck declaring additional "claims" in azure? This far we cant seem to get Azure to send what we need.
Be the first to answer this question