Azure SAML 2.0 settings to capture the User DN or Group
PSD Newbie ✭
edited January 2021 in Secure Mobile Access Appliances
Hi, I am able to authenticate the Azure user via SAML on SMA 12.4. It seems SMA is unable to get the user group, which makes the "Group" mapping policy fail. Does anyone know of any special configuration that we need to configure in Azure, especially section #2 of the Azure Single Sign-on setup page? Thanks a lot for prompt advice.
12.4.1 will support the SAML Group attribute. On 12.4, you can work around this by using LDAP and syncing SAML data.
@PSD 12.4.1 will support Groups for SAML authentication servers (Azure in your case).
On 12.4.0 and below, if you have your Active Directory on your internal network, you can use it for group authorization by enabling group affinity. Refer to the "Enabling Group Affinity Checking in a Realm" section of the Admin guide to learn more about this option. Once enabled, you can use the SAML (Azure) realm to create mapped accounts and use them as needed.
Let me know if the above suggestion worked for you.