Editing Claim Issuance Policy in AD FS

To edit the claim issuance policy:

1. Right click previously created relying party trust.

2. Click Edit Claim Issuance Policy.

   

3. Add LDAP Attributes as Claims rule.

   1. Click Add Rule.

      

   2. Select LDAP Attributes as Claims as Claim rule template and click Next.

      

   3. Configure claim rule.

      1. Enter a rule name.

      2. Select Active Directory as Attribute store.

      3. Map LDAP attributes to outgoing claim types. These attributes must match with the attributes configured in FortiGuest.

         

   4. Click Finish.

4. Add Transform an Incoming Claim rule.

   1. Click Add Rule.

      

   2. Enter a claim rule name.

   3. Select Transform an Incoming Claim as claim rule template and click Next.

      

   4. Configure claim rule.

      1. Select E-Mail Address as Incoming claim type.

      2. Select Name ID as Outgoing claim type.

      3. Select Email as Outgoing name ID format. Since email is specified as Name ID in FortiGuest.

      4. Click Finish.

         

5. Click OK.