Complete the following to configure attribute source and user lookups for the HTML Form Adapter instance and token processor parts of the setup process.
- On the Attribute Sources & User Lookup tab, click Add Attribute Source.
- On the Data Store tab, enter an attribute source ID and description of your choosing.
- From the Active Data Store list, select the datastore connection that you created in Configuring an LDAP connection.
- On the LDAP Directory Search tab, in the Base DN field, enter the base DN that contains the users whose attributes you want to retrieve. For example, CN=Users,DC=contoso,DC=com.
- From the Root Object Class list, select <Show All Attributes>.
- From the Attribute list, select objectGUID. Click Add Attribute.
- From the Attribute list, select userPrincipalName. Click Add Attribute. Click Next.
- On the LDAP Binary Attribute Encoding Types tab, click Next.
-
On the LDAP Filter tab, enter a filter to limit the
search, and then click Next.
Example filter for a username token processor:
Example filter for a Kerberos token processor:(|(sAMAccountName=${username})(userPrincipalName=${username}))
userPrincipalName=${principal}
Note:In this context, the username is always sent as a UPN.
- Click Done.