Creating Claim Rules

By default, the Claim Rule Editor opens once you have created the relying party trust.

To create a new rule:

1. Click <Add Rule>. The Select Rule Template screen is displayed.

2. Select Send LDAP Attributes as Claims from the Claim rule template drop-down list. The Edit Rule dialog is displayed.

3. Enter a Claim rule name (e.g., Rule 1).

4. Select Active Directory from the Attribute store drop-down.

5. Map the following attributes to the rule:

  • From the first LDAP Attribute column, select SAM-Account-Name.

  • From the first Outgoing Claim Type, select Windows account name.

  • From the second LDAP Attribute column, select E-Mail Address.

  • From the second Outgoing Claim Type, select E-Mail Address.

6. Click <OK> to save the new rule.

7. In the Claim Rule Editor, click <Add Rule> to add another rule. The Select Rule Template screen is displayed.

8. Select Transform an Incoming Claim from the Claim rule template drop-down list. The Configure Rule dialog is displayed.

9. Enter a Claim rule name (e.g., Rule 2).

10. Select Active Directory from the Attribute store drop-down list.

Define the following attributes for the rule:

  • From the Incoming claim type drop-down, select E-Mail Address.

  • From the Outgoing claim type drop-down, select Name ID.

  • From the Outgoing name ID format drop-down, select Email.

11. Keep Pass through all claim values selected.

12. Click <Finish> to save the new rule. The rule order should look similar to the following example.

13. Click <OK> to complete creating the new rule.