Configure User Attributes in ADFS

Create or configure Active Directory user attributes that you want to map to fields in the CSM User Business Object. This is typically the CSM User Info Lookup Object, but it could be a different table based on your user implementation.

To configure Active Directory user attributes:

  1. Open the AD FS Management tool.
  2. From the navigation pane, expand Trust Relationships, and then select Relying Party Trusts.
  3. Select the CSM server that is configured for SAML.
  4. Select Edit Claims Rules, and then select Add Rule.
  5. From the Add Transform Claim Rule Wizard, select the Send LDAP Attributes as Claims rule template, and then select Next.
  6. Add the following claim rule properties:
    PropertyValue
    Claim rule nameProvide a name, such as User Attributes.
    Attribute StoreSelect Active Directory.
    LDAP AttributeAdd an entry for each attribute you want to pass to CSM. For example, add Given Name, Surname, E-mail Addresses, and Department.
    Outgoing Claim TypeType (do not select) a name for each attribute. For example, add First Name for the Given Name attribute.
  7. Record the Outgoing Claim Type entries you make so have the names when you map them to Business Object fields in CSM.

  8. Select Finish.
  9. Map the Outgoing Claim Types to Business Object fields. See Map Active Directory User Attributes to CSM User Fields.