Create or configure Active Directory groups that you want to map
to Security Groups in
CSM.
Users are automatically added to the mapped
CSM
Security Group when their account is created or updated.
To configure groups in ADFS:
- Open the AD FS Management tool.
- From the navigation pane, expand
Trust Relationships, and then select
Relying Party Trusts.
- Select the
CSM
server that is configured for SAML.
- Select
Edit Claims Rules, and then select
Add Rule.
- From the
Add Transform Claim Rule Wizard, select the
Send Group Membership as a Claim rule
template, and then select
Next.
- Add the following claim rule properties:
Claim rule name |
Provide a name, such as Admin or IT Service Desk Level 1.
For easier maintenance, choose a name that matches Security Group names in
CSM. |
User's Group |
Select Browse, and
then add the domain name group you want to map to
CSM
Security Groups. For example, add Domain Admins if you want to automatically
add users in this group to the Admins Security Group in
CSM. |
Outgoing Claim Type |
Select
Group. |
Outgoing Claim Value |
Provide a
name for the group. This is the name you will use to map the ADFS group to a
CSM
Security Group. |
- Record the group names you added so have the names when you map
them to Security Groups in
CSM.
- Select
Finish.
- Repeat this process for each ADFS group you want to map to a
CSM
Security Group.
- Map the ADFS groups to
CSM
Security Groups. See
Map SAML Security Groups to
CSM
Security Groups.