Discussion

Active Directory Federation Services - Where does Cloud expect the attribute http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn to be specified

posted on August 12, 2022

Users are getting this error when attempting to log in:

Could not find specified attribute http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn

IT sent me this screenshot showing me they have it defined.

0 0
replied on August 12, 2022

Having UPN defined in the AD FS Service Claim Descriptions doesn't tell you anything except that it's a defined claim type.

The issue is that they don't have it configured with an LDAP attribute mapping in the Relying Party Trust's Claim Rules. Without that, the value isn't getting sent in the AD FS SAML token.

This screenshot shows the UPN claim rule configuration they need. It's for a self-hosted/LFDS AD FS Relying Party Trust so ignore the claims other than UPN.

1 0
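
To confirm the diagnosis in the reply above, you can check a captured token for the UPN attribute. The following is an added example, not part of the original thread: it assumes the token is a SAML 2.0 assertion, the function names are hypothetical, and both sample tokens are constructed.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
UPN_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"


def assertion_attributes(xml_text):
    """Return {attribute name: [values]} for each Attribute in the token.

    Diagnostic only: the signature is NOT verified, so never use this
    to make an authentication decision.
    """
    if "<!DOCTYPE" in xml_text:
        raise ValueError("a SAML token should not carry a DTD")
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs


def missing_claims(xml_text, required=(UPN_CLAIM,)):
    """List required claim types that are absent or have only empty values."""
    attrs = assertion_attributes(xml_text)
    return [name for name in required if not any(attrs.get(name, []))]


def sample_assertion(attributes):
    """Build a constructed, unsigned assertion from (name, value) pairs."""
    rows = "".join(
        f'<Attribute Name="{n}"><AttributeValue>{v}</AttributeValue></Attribute>'
        for n, v in attributes)
    return ('<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">'
            f'<AttributeStatement>{rows}</AttributeStatement></Assertion>')


# Constructed samples: a token issued without a UPN claim rule, and one with it.
WITHOUT_RULE = sample_assertion([(EMAIL_CLAIM, "jdoe@example.com")])
WITH_RULE = sample_assertion([(EMAIL_CLAIM, "jdoe@example.com"),
                              (UPN_CLAIM, "jdoe@example.com")])

if __name__ == "__main__":
    for label, token in (("without rule", WITHOUT_RULE), ("with rule", WITH_RULE)):
        print(label, "-> missing:", missing_claims(token) or "nothing")
```

An empty attribute value is reported as missing too, which covers the case where the rule exists but the account has no userPrincipalName set.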
replied on August 15, 2022

Thank you! Sending this back to IT

1 0