Custom attributes to the IdP

Peter Schober peter.schober at
Wed May 4 09:35:50 EDT 2016

* Sowmya Vallabhajosyula <sowmya.v at> [2016-05-04 15:14]:
> If I would like to send an extra custom attribute to IdP which I
> would like to use as ou partition of ldap. How can I achieve this?

You want to send some part of the LDAP object's DN as a SAML
Attribute? See Douglas' answer from yesterday about the 'entryDN'
operational attribute. If your LDAP DSA does not support that I think
the LDAP middleware used in the Shibboleth IDP can produce something
with the same value internally, check the documentation.

Once you have that pulled into an IDP internal attribute you can
create a Script type attribute defintion that parses out the value
you're looking for.

More information about the users mailing list