Testentry

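# Registers an LDAP directory as a local claims provider trust in AD FS.
#
# $ldapuser and $ldapPass are not defined in this snippet and must be set by the
# caller. PSCredential expects a user name string and a SecureString password,
# so the password should never appear as a plain-text literal in the script.
$DirectoryCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $ldapuser,$ldapPass

# Security: the trust below uses -LdapAuthenticationMethod Basic, i.e. an LDAP
# simple bind that carries the user's password as-is. With -Port 389 -SslMode None
# that password crosses the network unencrypted between AD FS and the directory.
# The connection therefore uses LDAPS (636 / Ssl). Prerequisite: the directory
# server presents a certificate for this host name that the AD FS servers trust.
# If that certificate is missing, install one instead of reverting to 389 / None.
$LdapConn = New-AdfsLdapServerConnection -HostName adfs-lws1.adfslab.de -Port 636 -SslMode Ssl -AuthenticationMethod Negotiate -Credential $DirectoryCred

# Echoes the host name stored on the connection object.
# NOTE(review): this output alone does not show that a bind succeeded - confirm
# connectivity separately (e.g. with a test sign-in) before relying on the trust.
write-host "Connected to: " $LdapConn.HostName

# Map LDAP attributes to the claim types AD FS issues for users of this directory.
# NOTE(review): the anchor attribute further down is "mail", while the mappings
# here read "email" and "UPN"; verify both names exist in the directory schema
# (commonly "mail" and "userPrincipalName"), otherwise those claims stay empty.
# NOTE(review): the claim type URIs ".../claims/email" and ".../claims/UPN" differ
# from the anchor claim type ".../claims/upn" in spelling/case - confirm that the
# relying parties expect exactly these URIs.
$GivenName = New-AdfsLdapAttributeToClaimMapping -LdapAttribute givenName -ClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
$Surname = New-AdfsLdapAttributeToClaimMapping -LdapAttribute sn -ClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
$CommonName = New-AdfsLdapAttributeToClaimMapping -LdapAttribute cn -ClaimType "http://schemas.xmlsoap.org/claims/CommonName"
$Email = New-AdfsLdapAttributeToClaimMapping -LdapAttribute email -ClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email"
$UPN = New-AdfsLdapAttributeToClaimMapping -LdapAttribute UPN -ClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/UPN"

# Create the trust "ADLDS" (identifier "urn:testing") for user objects under
# CN=Users,DC=adfslab,DC=de, anchored on the "mail" attribute.
# The acceptance transform rule "c:[] => issue(claim = c);" passes every claim
# from this provider through unchanged. That is acceptable only while the
# mapping list above is the complete set of attributes you intend to release;
# replace it with per-type rules if the directory data is less trusted than the
# relying parties assume.
# Comments are kept above the command because a comment line inside a
# backtick-continued command would end the continuation.
Add-AdfsLocalClaimsProviderTrust -Name "ADLDS" -Identifier "urn:testing" -Type Ldap -LdapServerConnection $LdapConn -UserObjectClass user `
    -UserContainer "CN=Users,DC=adfslab,DC=de" -LdapAuthenticationMethod Basic -AnchorClaimLdapAttribute mail -AnchorClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" `
    -LdapAttributeToClaimMapping @($GivenName, $Surname, $CommonName, $Email, $UPN) -AcceptanceTransformRules "@RuleName = `"Issue All Mapped Claims`"`nc:[] => issue(claim = c);" `
    -Enabled $true -OrganizationalAccountSuffix "adfslab.de"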

 

Tesfsdfsdfsdfsdf
