Missing Attributes
Robert Lamothe
robert_lamothe at yahoo.com
Tue Mar 6 15:13:19 EST 2018
Hello Shib Users,
I have a curious situation.
I have an SP that our users use and I've noticed that not all users get the same attributes sent. For example, when I login I get the following attributes:
"name": "eduPersonPrimaryAffiliation",
"name": "mail",
"name": "displayName",
"name": "surname",
"name": "givenName",
"name": "eduPersonPrincipalName",
Another user gets the following:
"name": "mail",
"name": "displayName",
"name": "surname",
"name": "givenName",
"name": "eduPersonPrincipalName",
As you can see "eduPersonPrimaryAffiliation" is missing on this second user.
So, my questions are:
1) Is this more likely an AD issue or a Shibboleth issue?
2) If an attributed isn't populated in AD will it not be visible in Shibboleth
I have two shibboleth clusters because 1 of our SPs needs the NameID property to deliver email, and the second cluster has NameID set to transient which is required by other SPs. I see the same behavior on both clusters so either I made the same mistake on both clusters or AD is somehow behind it.
Thanks in Advance-Bob --
Bob Lamothe
robert_lamothe at yahoo.com
KB1BOB
603-918-6336
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180306/574ec1f4/attachment.html>
More information about the users
mailing list