TechOnTip Weblog

Run book for Technocrats

Archive for May, 2016

ADFS: NameID Claim with Additional Properties

Posted by Brajesh Panda on May 26, 2016

Lately I was doing a SaaS application (Axxerion) integration with our ADFS. They had a requirement to get a few things as additional properties, i.e. spnamequalifier and namequalifier, with the NameID format set to transient.

Here is what I came up with. They also needed the UPN for validation, so in the 1st rule I am creating two outgoing claims. In the 2nd (custom) rule, I am adding attributes to the outgoing NameID claim. The final claim screenshot is at the bottom.

Claim Rules

Rule 1:

[Screenshot: claim]

Rule 2:

c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
          Issuer = c.Issuer,
          OriginalIssuer = c.OriginalIssuer,
          Value = c.Value,
          ValueType = c.ValueType,
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier"] = "https://<Adfs_URL>/adfs/ls/",
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequalifier"] = "https://test.axxerion.us/axxerion/");

SAML claim through SAML Tracer
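The three properties set in Rule 2 appear as the Format, NameQualifier and SPNameQualifier attributes of the NameID element in the issued assertion, so an assertion copied from SAML Tracer can be checked against them. This is an added example, not part of the original post; the sample assertion, the adfs.example.com host, the NameID value and the Test-NameIdProperties function are constructed for illustration.

```powershell
# Added example: check the NameID of an issued assertion against Rule 2.
# $assertionXml is a constructed sample; host name and NameID value are placeholders.
$assertionXml = @'
<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
  <Subject>
    <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
            NameQualifier="https://adfs.example.com/adfs/ls/"
            SPNameQualifier="https://test.axxerion.us/axxerion/">_constructed-transient-id</NameID>
  </Subject>
</Assertion>
'@

function Test-NameIdProperties {
    param(
        [Parameter(Mandatory)] [string]    $Xml,
        [Parameter(Mandatory)] [hashtable] $Expected
    )
    $doc = New-Object System.Xml.XmlDocument
    $doc.XmlResolver = $null          # never fetch external DTDs or entities
    $doc.LoadXml($Xml)

    $ns = New-Object System.Xml.XmlNamespaceManager($doc.NameTable)
    $ns.AddNamespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion')
    $nameId = $doc.SelectSingleNode('//saml:Subject/saml:NameID', $ns)
    if (-not $nameId) { return @('NameID element not found in assertion') }

    $problems = @()
    foreach ($attr in $Expected.Keys) {
        $actual = $nameId.GetAttribute($attr)   # empty string when the attribute is absent
        if ($actual -cne $Expected[$attr]) {
            $problems += "${attr}: expected '$($Expected[$attr])', got '$actual'"
        }
    }
    return $problems
}

# Expected values mirror the Properties[...] assignments in Rule 2.
$expected = @{
    Format          = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
    NameQualifier   = 'https://adfs.example.com/adfs/ls/'
    SPNameQualifier = 'https://test.axxerion.us/axxerion/'
}
$problems = Test-NameIdProperties -Xml $assertionXml -Expected $expected
if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else           { Write-Host 'NameID carries all three properties from Rule 2.' }
```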

Posted in ADFS

Powershell Trick: Execute Logon Script as per Group Membership

Posted by Brajesh Panda on May 22, 2016

# Requires the ActiveDirectory module (RSAT)
If ((Get-ADPrincipalGroupMembership $env:username).name -like "Domain Users")
{ Write-Host "Yes" }

Replace the Write-Host section with the action script you want to execute. I think this is what you want.

Here $env:username gets the logged-on user name. It is like the "whoami" command, without the domain info. You can get the domain info using $env:USERDNSDOMAIN.

Posted in Mix & Match, Powershell

Powershell Trick: Convert TXT to HTML and Send Email

Posted by Brajesh Panda on May 17, 2016

If you want to get the contents of a txt file and send them in the email body, this trick will do the job. My txt file has multiple separate lines, like general error files.

So this trick joins all lines with the HTML <BR> tag to introduce line breaks. If you skip this and just use Get-Content, all lines run together like a single paragraph and are hard to read.

$Body = (Get-Content <File Path>) -join '<BR>'

After you build the HTML body, make sure to use -BodyAsHtml to set the outgoing email format, so the email client renders the HTML back into a readable format. Because the body is sent as HTML, any markup characters in the file are interpreted by the mail client as well.

Send-MailMessage -From <> -To <> -Subject <Message> -Body $Body -BodyAsHtml -SmtpServer smtp.server

Posted in Mix & Match, Powershell

 