Environment
- CB Response Server: All versions
- ADFS: 2.0
Objective
With ADFS SSO, when IDP doesn't define roles, how to modify attr_map.py?
Resolution
- Edited the following lines.
Change
result["builtin_roles"] = []
result["teams"] = []
To
result["builtin_roles"] = None
result["teams"] = None
- Comment out the following.
""" if 'role' in key:
roles=value
result["authorized"] = any( 'Domain Users' in role for role in roles )
if any( 'Administrators' in role for role in roles ):
result["authorized"] = True
result["builtin_roles"] = ["global_admin",]
result["teams"] = ["Administrators", ]
"""
Related Content