When users log into Service Panel a self-claim is needed for identifying the logged in user. The following rules give common configurations.
NOTES:
A self claim should only be added to one virtual silo.
In order to author a self claim the Parent silo of the Virtual silo must contain the matched attribute.
SaaS
- Self Lookup Claim: Name
- Self Attribute: userPrincipalName (e.g. from AD silo, Azure silo, or MIM Metaverse silo)
- Self Lookup Rule: blank or
LowerCase(context)
- Self Lookup Claim: Id
- Self Attribute: msDS-ConsistencyGuid (e.g. from AD silo)
On-Premise
- Self Lookup Claim: Name
- Self Attribute: sAMAccountName
- Self Lookup Rule: Last(Split(context, "[\\]", true))
- Self Lookup Claim: Id
- Self Attribute: objectSid (e.g. from AD silo, MIM Connector space)
- Self Lookup Rule:
ConvertStringToSid(context)
Comments
0 comments
Please sign in to leave a comment.