问题描述
所以我可以指定一个objectGUID属性作为Active Directory声明,它可以很好地检索它。然而,它将其作为Base64编码值发送。
So i can specify as an Active Directory claim an objectGUID attribute and it retrieves it just fine. However it sends it as a Base64 encoded value.
有没有办法格式化它,就像通常看到SID所以没有特殊字符被发送,然后它不需要是Base64编码?
Is there a way to format it like the SID is normally seen so there are no special characters being sent and it then doesn't need to be Base64 encoded?
我希望有一个声明描述名称和模式我可以用于objectGUID,就像有主要SID一样。
I was hoping there was a Claim Description name and schema i could use for objectGUID like there is for Primary SID.
任何人都有一个以及如何将其添加到ADFS 2.0声明描述?
Does anyone have one and how to add it to ADFS 2.0 Claim Descriptions ?
推荐答案
我只是组成一个自定义声明描述命名空间,如
http://claims.mycompany.com/objectGUID 。
I would just make up a custom claim description namespace like http://claims.mycompany.com/objectGUID.
如果是AD中的Base64,那么您可以使用自定义规则存储,以便执行转换声明的存储过程。您可以使用类似的东西从Base64解码它:
。
If it is Base64 in AD then you could use a custom rule store so you could execute a stored procedure to transform the claim. You could use something like this to decode it from Base64:http://www.sqlservercentral.com/scripts/Miscellaneous/31309/.
谢谢,
这篇关于使用objectGUID来声明什么是最好的架构?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!