问题描述

所以我可以指定一个objectGUID属性作为Active Directory声明，它可以很好地检索它。然而，它将其作为Base64编码值发送。

So i can specify as an Active Directory claim an objectGUID attribute and it retrieves it just fine. However it sends it as a Base64 encoded value.

有没有办法格式化它，就像通常看到SID所以没有特殊字符被发送，然后它不需要是Base64编码？

Is there a way to format it like the SID is normally seen so there are no special characters being sent and it then doesn't need to be Base64 encoded?

我希望有一个声明描述名称和模式我可以用于objectGUID，就像有主要SID一样。

I was hoping there was a Claim Description name and schema i could use for objectGUID like there is for Primary SID.

任何人都有一个以及如何将其添加到ADFS 2.0声明描述？

Does anyone have one and how to add it to ADFS 2.0 Claim Descriptions ?

推荐答案

我只是组成一个自定义声明描述命名空间，如
http://claims.mycompany.com/objectGUID 。

I would just make up a custom claim description namespace like http://claims.mycompany.com/objectGUID.

如果是AD中的Base64，那么您可以使用自定义规则存储，以便执行转换声明的存储过程。您可以使用类似的东西从Base64解码它：
。

If it is Base64 in AD then you could use a custom rule store so you could execute a stored procedure to transform the claim. You could use something like this to decode it from Base64:http://www.sqlservercentral.com/scripts/Miscellaneous/31309/.

谢谢，

这篇关于使用objectGUID来声明什么是最好的架构？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！