active directory - ADFS not issuing claims from custom attribute stores to some users -


i'm trying work out why of our users aren't issued claims our custom attribute stores.

our main attribute store authentication active directory, using 2 custom attribute stores issue several custom claims users, , perform logging of claims issued. when affected user logs in, authenticated ad, have no more claims added. according logging in our attribute stores, beginexecutequery never called.

i can't see link affected users, seem new users, or users have not logged system in long time. restarting adfs clears problem, whether or not seems random.

i'm trying understand why attribute store ignored adfs on logon users, when works fine others. if there quick guaranteed temporary fix users' claims issued correctly, useful too!

for security reasons, don't have access adfs debug tracing.

this solved longs string of calls microsoft's ad fs support team. problem traced piece of our claims rule language using lastlogon , lastlogontimestamp ad attributes without understanding how behaved. meant users condition grant custom claims never met.


Comments

Post a Comment

Popular posts from this blog

javascript - AngularJS custom datepicker directive -

i make custom datepicker directive custom template. but have no idea how start building it... how include date data directive? i appreciate guide or give me advice work on more precisely. it might you! follow below steps html code sample: <label>birth date</label> <input type="text" ng-model="birthdate" date-options="dateoptions" custom-datepicker/> <hr/> <pre>birthdate = {{birthdate}}</pre> <script type="text/ng-template" id="custom-datepicker.html"> <div class="enhanced-datepicker"> <div class="proxied-field-wrap"> <input type="text" ui-date-format="yy-mm-dd" ng-model="ngmodel" ui-date="dateoptions"/> </div> <label> <button class="btn" type="button"><i class="icon-calendar"></i>
Read more

javascript - jQuery date picker - Disable dates after the selection from the first date picker -

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>jquery ui datepicker - default functionality</title> <link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css"> <script src="//code.jquery.com/jquery-1.10.2.js"></script> <script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script> <link rel="stylesheet" href="/resources/demos/style.css"> <script> $(function () { $("#datepicker1").datepicker(); }); </script> <script> $(function () { $("#datepicker2").datepicker(); }); </script> </head> <body> <p>date 1: <input type="text" id="datepicker1"></p> <p>date 2: <input type="t
Read more