A user may belong to multiple AD groups. This guide describes how to return the list of groups the user belongs to in a SAML attribute.
Section |
---|
|
Column |
---|
Under SSO>Service Providers locate the SP you wish to add the attribute to.
Click on the Ellipses and select Edit from the drop-down menu that appears |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
|
|
|
...
Section |
---|
|
Column |
---|
Add the following parameters: Field | Value |
---|
Location: | HTTP Body | Name: | This can be any name the SP requires however usually it is ' | Groupsgroups' | Format: | attrname-format: | URI* |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
| Image Modified |
|
|
Section |
---|
|
Column |
---|
Click: Install and let it run through... |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed
|
Remember to Save the changes
Please Test
Section |
---|
|
Column |
---|
Click: Finish | Column |
---|
| Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
| Image Removed |
|
Following installation of the Chisel Agent please check the following:
Section |
---|
|
Column |
---|
Check the DualShield Computer Logon Agent service is still runningHere are the groups that the AD account belongs to.. |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
| Image RemovedImage Added |
|
|
Section |
---|
|
Column |
---|
Make sure If you log onto the SAML website you can browse to C:\Program Files\Deepnet Security\ComputerLogonAgent\addon\dualcs and you can see the following files inside the foldercheck to see if all the groups of which the AD account is a member of, are returned in the 'groups' attribute, by looking at the full SAML assertion... |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
| Image Removed Image Added |
|
|
Section |
---|
|
Column |
---|
Launch Task Manager and check for a process called dualcs.exe In this example, this is what the SAML test page returns.. |
Column |
---|
|
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
| Image Removed Image Added |
|
|