Set up an issuance transform rule for the Common Services
instance registered as an application group in AD FS. The login information for the Hitachi Ops Center Portal is transmitted to
Common Services is based on these settings.
- Log in to the AD FS server.
- Select Start > Windows Administrative Tools > AD FS Management.
-
From the tree on the left, select AD FS > Application Groups. In the middle pane, select the application group for Common
Services, and then in the right pane, click
Properties.
The properties window for the application group appears.
-
For Applications, select application-group-name- Web API and then
click Edit.
The properties window for the Web API appears.
-
On the Issuance Transform Rules tab, click Add
Rule.
The Add Transform Claim Rule Wizard dialog box opens.
- On the Select Rule Template window, select Send LDAP Attributes as Claims for Claim rule template, and then click Next.
-
On the Configure Rule window, set the following items, and then click
Finish.
- Claim rule name
- A name of your choice
- Attribute store
- Select Active Directory.
- Mapping of LDAP attributes to outgoing claim types
-
Set the following values.
Value to specify for LDAP Attribute
Value to specify for Outgoing Claim Type
Either of the following LDAP attributes for which an email address is registered in the system:
- User-Principal-Name
- E-Mail-Addresses
E-Mail Address
Given-Name
Given Name
Surname
Surname
Token-Groups - Qualified by Domain Name
Group
Note: Make sure that the email address, surname, and given name of the Active Directory user for the Hitachi Ops Center Portal are set for the LDAP attributes that you specify. If this information is not set, the user cannot log in.
- Verify that the Claim rule has been added to the Issuance Transform Rules tab, and then click OK.