Configure SAML 2.0 with ADFS 2.0 to use User ID as identifier
01-31-2014 01:01 AM
The Wiki shows how to use the Email (email) field in the User (sys_user) table as the unique identifier between the user records in ServiceNow and AD.
We tried to change this to use the User ID (user_name) field instead, but we haven't gotten it to work.
The User ID field contains the AD account name, for example "labo01" for myself, just a simple character field.
From a ServiceNow configuration perspective it seems quite simple and straightforward; I guess most of the configuration work is performed on the ADFS side. Unfortunately the ADFS team doesn't seem to be able to configure it properly...
Has anyone been able to successfully use the User ID (user_name) field to map with AD/ADFS? Is it possible? Any configuration hints (both in ServiceNow and in ADFS)?
Thanks! Lars-Åke Bolk
Labels: Service Mapping
01-31-2014 02:30 AM
Hi Lars-Åke,
I remember having some issues regarding this at a project.
I cannot recall the exact solution, but it was related to the mapping between ADFS and AD. The mapping was changed and the ServiceNow properties were updated. I believe we also needed to rerun the metadata file.
I will have a look to see if I can find documentation on this.
01-31-2014 08:01 AM
Thank you, Daniel.
If you find more information, please share. When we solve this, I'll write an update here.
02-25-2014 10:03 PM
Hi,
Was anyone able to solve this issue? We are planning to use the user_name field as the NameID instead of the email address. Thanks in advance.
02-26-2014 04:32 AM
Hi Lars,
I'm sure that you have already set up the right system property, glide.authenticate.sso.saml2.user_field, to use the field user_id instead of email.
And did you already check this part of the SAML 2.0 setup?
ADFS needs to send a NameID that contains the user ID that matches the user_id in SNC.
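Putting the two sides of the thread together as an added example (my code, not from any of the posters and not vendor documentation): the ADFS side issues the AD sAMAccountName as the SAML Subject NameID with the "unspecified" format, which is the value ServiceNow compares against sys_user.user_name once glide.authenticate.sso.saml2.user_field is set to user_name. Assumptions: ADFS 2.0 on Windows Server 2008 R2 with the Microsoft.Adfs.PowerShell snap-in, an existing relying party trust named "ServiceNow", and an intermediate claim type http://example.invalid/claims/samaccountname that I chose for the example. The Get-SamlNameId function is a diagnostic for checking what ADFS actually sends; the SAML Response it decodes below is a constructed sample, not a real capture.

```powershell
# Added example: not from the thread, not vendor code.
# Assumes ADFS 2.0 (Windows Server 2008 R2, PowerShell 2.0) and an existing
# relying party trust named "ServiceNow". Run elevated on the ADFS server.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue   # ADFS 2.0 ships its cmdlets as a snap-in

$rpName = "ServiceNow"   # assumed display name of the relying party trust

# Claim rules in the ADFS claim rule language.
# Rule 1 looks up sAMAccountName in AD for the authenticated Windows account and
#   puts it in the *input* claim set only (add, not issue) under an intermediate
#   claim type chosen for this example.
# Rule 2 issues that value as the SAML Subject NameID with format "unspecified",
#   so the assertion carries the bare account name ("labo01"), not "DOMAIN\labo01",
#   and ServiceNow can match it against sys_user.user_name.
$issuanceRules = @'
@RuleName = "sAMAccountName from Active Directory"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => add(store = "Active Directory", types = ("http://example.invalid/claims/samaccountname"), query = ";sAMAccountName;{0}", param = c.Value);

@RuleName = "Name ID = sAMAccountName (format unspecified)"
c:[Type == "http://example.invalid/claims/samaccountname"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
'@

Set-AdfsRelyingPartyTrust -TargetName $rpName -IssuanceTransformRules $issuanceRules

# Confirm what ADFS stored for the trust.
(Get-AdfsRelyingPartyTrust -Name $rpName).IssuanceTransformRules

# Diagnostic: decode a SAMLResponse POST parameter (base64) and show the NameID
# and its Format, so the ServiceNow admin and the ADFS team look at the same value.
function Get-SamlNameId {
    param([Parameter(Mandatory = $true)][string]$SamlResponseBase64)

    $bytes = [System.Convert]::FromBase64String($SamlResponseBase64)
    $xml   = [xml][System.Text.Encoding]::UTF8.GetString($bytes)

    $ns = New-Object System.Xml.XmlNamespaceManager($xml.NameTable)
    $ns.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion")

    $node = $xml.SelectSingleNode("//saml:Subject/saml:NameID", $ns)
    if ($node -eq $null) { throw "No saml:Subject/saml:NameID in the response" }

    New-Object PSObject -Property @{
        NameID = $node.InnerText
        Format = $node.GetAttribute("Format")
    }
}

# Constructed sample response (signature omitted); not a real capture.
$sampleXml = @'
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_1" Version="2.0">
  <saml:Assertion ID="_2" Version="2.0">
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">labo01</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>
'@
$sampleB64 = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sampleXml))

$nameId = Get-SamlNameId -SamlResponseBase64 $sampleB64
$nameId
if ($nameId.NameID -ne "labo01") {
    Write-Warning "NameID '$($nameId.NameID)' does not match the expected sys_user.user_name value"
}
```

The two usual reasons this mapping fails are the domain prefix and the NameID format: the windowsaccountname claim ADFS starts from is DOMAIN\user, which is why the first rule does an LDAP lookup of sAMAccountName instead of passing that claim through, and a NameID tagged as emailAddress format will not be the bare account name. Whatever string ADFS puts in NameID must be exactly what is stored in sys_user.user_name. When you capture a real SAMLResponse (the base64 POST parameter from the browser) and feed it to Get-SamlNameId, that is the value to compare. If the trust's metadata changed as part of the rework, re-import it on the ServiceNow side as well, as noted earlier in the thread.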