ADFS Documentation Blog : ADFS Step-by-Step Guide - How to Replace SharePoint with a Sample Windows NT Token-based Application

Comments

dmc_lat47 said:

I'm only running the claim app; however, no matter who logs in, and what group they belong to, only one claim shows up in the "SingleSignOnIdentity.SecurityPropertyCollection" section... the UPN.

I've checked the org claims, claim mappings, incoming/outgoing claims on the resource/acct machines, and everything seems to line up.

Also, how does one configure a custom claim? a Role?

thanks

# August 8, 2006 4:07 PM

nickp said:

Try verifying the following:

• On ADFSAccount, make sure all of the users that you plan on using to test the claims app are members of the TreyClaimAppUsers group.

• On ADFSAccount, make sure the group claim extraction under Trust Policy\My Organization\Account Stores\Active Directory shows that the TreyClaimAppUsers@adatum.com group is mapped to the Trey ClaimApp Claim.

• On ADFSResource, make sure the Adatum ClaimApp Claim under Trust Policy\My Organization\Applications\Claims-aware Application is enabled (right-click, click Enabled).

Information about configuring custom claims can be found in the ADFS SDK (http://msdn.microsoft.com/library/en-us/adfs_mref/html/T_System_Web_Security_SingleSignOn_CustomClaimLdapAttribute.asp?frame=true).

# August 9, 2006 6:22 PM

dmc_lat47 said:

Boy it was sure good to see this working! I'm getting all the group memberships now. The claims weren't enabled.

thanks!
david

# August 11, 2006 12:37 PM

Anonymous comments are disabled

ADFS Documentation Blog

Recent Posts

Tags

Blogroll

Archives

ADFS Step-by-Step Guide - How to Replace SharePoint with a Sample Windows NT Token-based Application

Comments

dmc_lat47 said:

nickp said:

dmc_lat47 said: