Office 365 Multi-Domain
cantor.2 at osu.edu
Mon Jul 27 17:52:09 UTC 2020
On 7/27/20, 1:13 PM, "users on behalf of Matt Brennan" <users-bounces at shibboleth.net on behalf of brennanma at gmail.com> wrote:
> TL;DR: Is there a guide somewhere on how to do this properly?
Well, step one is filing a bug, because this is ridiculous.
That aside, the way to do it is:
1. Upgrade, because it's not supported In V3.
2. A responderIdLookupStrategy, in some form. I can't give you a script because I have no idea on what basis the value would be derived, but the script should NOT need to do a ton of work. It certainly does not need to resolve attributes or anything like that.
3. Configuring the context-check interceptor to signal back the event "UpdateSecurityParameters" when this needs to happen. This will cause the system to re-derive various settings, including the entityID, to update the outgoing message.
#3 is not (well) documented, it was implemented  at SWITCH's request as a supported way to get all the internals to update without having to mess around with them and break abstraction. It's mentioned very briefly in . I'll try and put a mention of it in the context-check topic.
More information about the users