Issue with SQL SERVER #10
Comments
Hello, I don't really understand your log.
Sample PowerShell code to create a new local provider (LDAP 3.0 repo)
I used this kind of script to add my Synology NAS as a local provider
If Using SSL
If not using SSL
Attributes mapping
Local Claims Provider Creation
Attribute Store
ADFS Sample Claims
Attribute Store Extension Sample
Hello, I configured my LDAP like you, except I didn't do this step, Attribute Store. I didn't see this step in this doc. My LDAP config:

```powershell
$EXTDirectory = New-AdfsLdapServerConnection -HostName LDAPSERVER -Port 10389 -SslMode None -AuthenticationMethod Basic -Credential $DirectoryCred
$DisplayName = New-AdfsLdapAttributeToClaimMapping -LdapAttribute displayName -ClaimType "http://temp.org/identity/claims/displayName"
Add-AdfsLocalClaimsProviderTrust -Name "EXTERNAL" -Identifier "urn:EXTERNAL" -type ldap
```
Hello, yes, Attribute Store is an old feature of ADFS and it's optional (only if you want more attributes for claims). We have just tested with SQL Server and we have no problems. It works as well! I don't see, in your script, a declaration for UPN. You are mapping the email attribute to the WindowsAccountName claim. This is wrong! Remember, the UPN is always the identity claim in a federation context. Let us know if this can resolve your problem. Regards
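The anchor-claim point from the reply above, as an added example that is not from the thread or the project: an LDAP local claims provider trust whose anchor claim is issued as UPN. The host name, container DN, object class and the choice of `mail` as the attribute holding a user@domain value are assumptions; the trust name, identifier and displayName mapping are taken from the script posted earlier.

```powershell
# Added illustration. Host name, DN, object class and attribute names are placeholders.
$DirectoryCred = Get-Credential -Message 'LDAP bind account'

# With -SslMode None a Basic bind sends the bind password unencrypted,
# so this sketch assumes the directory offers LDAPS on 636.
$ExtDirectory = New-AdfsLdapServerConnection -HostName 'ldap.example.test' -Port 636 `
    -SslMode Ssl -AuthenticationMethod Basic -Credential $DirectoryCred

# Extra attribute carried as a claim (same mapping as in the posted script).
$DisplayName = New-AdfsLdapAttributeToClaimMapping -LdapAttribute 'displayName' `
    -ClaimType 'http://temp.org/identity/claims/displayName'

# The anchor claim identifies the user. Here it is issued as UPN rather than
# WindowsAccountName, from an attribute assumed to hold a user@domain value.
Add-AdfsLocalClaimsProviderTrust -Name 'EXTERNAL' -Identifier 'urn:EXTERNAL' -Type Ldap `
    -LdapServerConnection $ExtDirectory `
    -UserObjectClass 'inetOrgPerson' `
    -UserContainer 'cn=users,dc=example,dc=test' `
    -LdapAuthenticationMethod Basic `
    -AnchorClaimLdapAttribute 'mail' `
    -AnchorClaimType 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn' `
    -LdapAttributeToClaimMapping @($DisplayName) `
    -AcceptanceTransformRules "c:[Type != ''] => issue(claim=c);" `
    -Enabled $true

# Review what was stored before testing a sign-in.
Get-AdfsLocalClaimsProviderTrust -Identifier 'urn:EXTERNAL' | Format-List *
```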
Hello, I have changed the AnchorClaimType: it's OK for AD, but I have another error with LDAP (LDAP is OK without MFA).
Additional Data
Protocol Name:
Relying Party:
Exception details:
It's OK,
Hi, this project is open source, and we are going to regularly push new versions. Regards
Hello,
I have a new problem (promise it's the last).
When I configure the SQL connection to use many directories, I have this error
with the principal AD or an LDAP account:
Encountered error during federation passive request.
Additional Data
Protocol Name:
wsfed
Relying Party:
Exception details:
Microsoft.IdentityServer.Web.CookieManagers.InvalidContextException: MSIS7001: The passive protocol context was not found or not valid. If the context was stored in cookies, the cookies that were presented by the client were not valid. Ensure that the client browser is configured to accept cookies from this website and retry this request.
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest.ParseEncodedRequestParts(String[] encodedRequestParts)
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest..ctor(String encodedGenericRequest)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.GetOriginalRequestFromResponse(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)