Second Office365 Domain requires different "Issuer URI"
cantor.2 at osu.edu
Mon May 22 09:26:07 EDT 2017
> In my understanding, the "PostLookupPopulateAuditContext" action in the
> "saml.abstract" flow is responsible for obtaining the entity ID written to the audit log. This action is
> run before authentication and attribute resolution occur, therefore the required
> attribute is not yet available, and the default entity ID is returned.
> I'm not sure how this can be fixed.
You can add the same field extractor to one of the later-run maps of extractors so it overwrites the value. All the maps are user-configurable, they supplement or override the system maps.
As for the artifact thing, that seems somewhat odd to me but as I told the OP, this is the kind of thing that is bound to cause problems.
More information about the users