你们可以帮我解决如何在ADFS 2.0声明中发送DN吗?
谢谢!
答案 0 :(得分:6)
似乎没有DN的标准URI,但您可以随时自行推送。
ADFS声明规则框实际上是可配置的 - 请参阅ADFS : Selecting claim that's not in the default drop down
因此,在“LDAP属性”中输入“DN”并在“传出声明类型”中输入“http://company.com/identity/claims/DistinguishedName”之类的内容。
<强>编辑:
LDAP属性请参见此处:Selected LDAP Attributes
答案 1 :(得分:0)
c:[Type ==“http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname”,Issuer ==“AD AUTHORITY”] =&GT; issue(store =“Active Directory”,types =(“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name”),query =“; distinguishedName; {0}”,param = c.Value);