Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1160
Views
1
Helpful
0
Replies

DUO DAG > Attribute/Claim transformation

Siva3
Level 1
Level 1

‎03-21-2019 07:21 AM

Recently, I ran into an issue where the NameID needed to be sAMAccountName@domain.org and surprised to find out that DUO DAG didn’t offer this from the GUI. Raised a feature request.

In the meantime, I figured out a way to achieve this and thought of sharing it with the community in case if anyone is in the same boat.

This is through JSON import file to DAG. add the following to authproc section.

		    "10": {
                "class": "core:AttributeCopy",
                "sAMAccountName": "■■■■Suffix"
            },
		    "11": {
                "class": "core:AttributeAlter",
				"subject": "■■■■Suffix",
                "pattern": "/$/",
                "replacement": "@domain.org"				
            },

Note: @domain.org can be your custom domain

Finially set the “simplesaml.nameidattribute” to the new custom attriute

“simplesaml.nameidattribute”: “■■■■Suffix”,

Labels:
0 Replies 0
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents