A user may belong to multiple AD groups. This guide describes how to return the list of groups the user belongs to in a SAML attribute.
| Section |
|---|
|
| Column |
|---|
Under SSO>Service Providers locate the SP you wish to add the attribute to.
Click on the Ellipses and select Edit from the drop-down menu that appears |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
| 
|
|
|
...
| Section |
|---|
|
| Column |
|---|
Add the following parameters: | Field | Value |
|---|
| Location: | HTTP Body | | Name: | This can be any name the SP requires however usually it is ' |
Groups| groups' | | Format: | attrname-format: |
URI* |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Modified
|
|
|
| Section |
|---|
|
| Column |
|---|
Click: Install and let it run through... |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
Image Removed
|
Remember to Save the changes
Please Test
| Section |
|---|
|
| Column |
|---|
Click: Finish | | Column |
|---|
| | Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Removed |
|
Following installation of the Chisel Agent please check the following:
| Section |
|---|
|
| Column |
|---|
Check the DualShield Computer Logon Agent service is still runningHere are the groups that the AD account belongs to.. |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Removed Image Added
|
|
|
| Section |
|---|
|
| Column |
|---|
| Make sure If you log onto the SAML website you can browse to C:\Program Files\Deepnet Security\ComputerLogonAgent\addon\dualcs and you can see the following files inside the foldercheck to see if all the groups of which the AD account is a member of, are returned in the 'groups' attribute, by looking at the full SAML assertion... |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Removed  Image Added
|
|
|
| Section |
|---|
|
| Column |
|---|
| Launch Task Manager and check for a process called dualcs.exe In this example, this is what the SAML test page returns.. |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Removed  Image Added
|
|
|