CB Response: How To Remove Role Mapping on ADFS SSO

search cancel

CB Response: How To Remove Role Mapping on ADFS SSO

book

Article ID: 290348

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

With ADFS SSO, when IDP doesn't define roles, how to modify attr_map.py?

Environment

CB Response Server: All versions
ADFS: 2.0

Resolution

Edited the following lines.

Change

result["builtin_roles"] = [] 
result["teams"] = []

result["builtin_roles"] = None 
result["teams"] = None

Comment out the following.

"""       if 'role' in key:
            roles=value
            result["authorized"] = any( 'Domain Users' in role for role in roles )
            if any( 'Administrators' in role for role in roles ):
                result["authorized"] = True
                result["builtin_roles"] = ["global_admin",]
                result["teams"] = ["Administrators", ]

"""

Restart server service: CB Response: How to restart server services

Feedback

thumb_up Yes

thumb_down No