You can also configure any number of claims in Name=Value format. These name/value pairs are often called role claims.
Role claims are found by reading a configurable attribute on the user record in your user directory. You can then assign any name you want for the claim. For example, you can name a claim “userrole” and configure it to point to the “employeeType” attribute in your LDAP directory.
After authentication, the Agent for SharePoint creates a name/value pair such as “userrole=manager” for the claim. If the “employeeType” attribute for the authenticated user contains the value manager, SharePoint allows the user access to the resource.
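The following sketch is an added example, not code from the Agent for SharePoint or from CA. It models how a configured claim name is filled from a directory attribute, including the cases the text does not spell out: multi-valued attributes, differently cased attribute names, and a missing attribute. The function names, the sample entries and the exact-match check are assumptions made for illustration.

```python
# Added illustration: models the attribute-to-claim mapping described above.
# All names are hypothetical; this is not the Agent for SharePoint's code or API.

# Claim name -> directory attribute, as an administrator would configure it.
CLAIM_MAP = {"userrole": "employeeType"}


def build_claims(user_record, claim_map=CLAIM_MAP):
    """Return a sorted list of (claim_name, value) pairs for an authenticated user.

    LDAP attribute names are case-insensitive and an attribute may hold several
    values, so each value yields its own claim. A missing or blank attribute
    yields no claim at all rather than an empty-valued one.
    """
    attrs = {name.lower(): values for name, values in user_record.items()}
    claims = set()
    for claim_name, attr_name in claim_map.items():
        values = attrs.get(attr_name.lower(), [])
        if isinstance(values, str):  # tolerate a single-valued record
            values = [values]
        for value in values:
            value = value.strip()
            if value:
                claims.add((claim_name, value))
    return sorted(claims)


def is_allowed(claims, required):
    """Stand-in for the relying party's check (assumed: exact pair match)."""
    return required in claims


# Constructed sample directory entries.
MANAGER = {"uid": ["jdoe"], "employeeType": ["manager", "fulltime"]}
CONTRACTOR = {"uid": ["asmith"], "EMPLOYEETYPE": ["contractor"]}
NO_TYPE = {"uid": ["svc-backup"]}

if __name__ == "__main__":
    for entry in (MANAGER, CONTRACTOR, NO_TYPE):
        claims = build_claims(entry)
        print(entry["uid"][0], claims, is_allowed(claims, ("userrole", "manager")))
```

Because the claim value is copied from the directory, write access to the mapped attribute effectively decides who receives the claim.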
Copyright © 2012 CA. All rights reserved.