Recommended Relying Party Trust Claims for SSO Integration with ADFS
Article ID: 416619
Updated On:
Products
Carbon Black EDR
Issue/Introduction
Recommended claims policies to send to the EDR server for ADFS integration.
Environment
- Carbon Black EDR Server: All Versions
- ADFS
Resolution
| LDAP Attributes | Outgoing Claim | attr_map if "<map>" in key: |
Example AD Response |
|---|---|---|---|
| Email-Addresses | Email-Address | [email protected] | |
| Given-Name | Given Name | givenName | john |
| Surname | Surname | surname | doe |
| Token-Groups - Unqualified Names | Role | role | ['Domain Admins', 'Domain User', 'my custom group'] |
| SAM-Account-Name | Common Name | commonName | jdoe |
| SAM-Account-Name | Name ID | ** Not Mapped |
Additional Information
- Use the attr_map column to update the /etc/cb/sso/attr_map.py file. This file is case sensitive, correct casing has been given in the table.
- ** Name ID is used as part of the initial response and is not included in the attribute mapping.
Feedback
Yes
No
Powered by
