Unsure why an Attribute is not being released?
Christopher Bongaarts
cab at umn.edu
Thu Nov 1 13:24:46 EDT 2012
On 11/1/2012 12:17 PM, Kanuch, Andrew wrote:
> Hello,
>
> I recently setup our first IDP, and I’m attempting release a specific
> attribute from AD, but it does not appear to be working. The IDP is
> working, and authenticates successfully, it just doesn’t release the
> specified attributes. Could you please tell me if I’m missing a step
> somewhere?
Check your IdP's audit log entry for the authentication. One of the
fields contains which attributes were released. Looks like you should
see some sort of persistent ID in the list already. If you don't see
givenName in the list, since your attribute-filter excerpt looks
correct, I'd verify that your DataConnector is correctly configured and
has sufficient privileges to retrieve the givenName attribute from your
LDAP directory. If you turn up the AttributeResolver logging to DEBUG,
you should be able to see whether Shib was able to retrieve the value of
that attribute.
--
%% Christopher A. Bongaarts %% cab at umn.edu %%
%% OIT - Identity Management %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
More information about the users
mailing list