Editing Claim Issuance Policy in AD FS
To edit the claim issuance policy:
-
Right click previously created relying party trust.
-
Click Edit Claim Issuance Policy.
-
Add LDAP Attributes as Claims rule.
-
Click Add Rule.
-
Select LDAP Attributes as Claims as Claim rule template and click Next.
-
Configure claim rule.
-
Enter a rule name.
-
Select Active Directory as Attribute store.
-
Map LDAP attributes to outgoing claim types. These attributes must match with the attributes configured in FortiGuest.
-
-
Click Finish.
-
-
Add Transform an Incoming Claim rule.
-
Click Add Rule.
-
Enter a claim rule name.
-
Select Transform an Incoming Claim as claim rule template and click Next.
-
Configure claim rule.
-
Select E-Mail Address as Incoming claim type.
-
Select Name ID as Outgoing claim type.
-
Select Email as Outgoing name ID format. Since email is specified as Name ID in FortiGuest.
-
Click Finish.
-
-
-
Click OK.