

Assign Name IDs to Affiliations

To assign a name ID associated with an affiliation, you need to configure the shared Name ID properties for the Service Providers belonging to the affiliation.

Note: If you use an affiliation, configuring a Name ID is required.

To configure a name ID

  1. Select the Name IDs tab from the SAML Affiliation Properties dialog box.
  2. Determine the value to use for the Name ID format.

    The format determines the type of value used for the identifier, such as whether the format is an email address or Windows domain qualified name.

  3. Choose a Name ID Type.

    The type indicates if the value is static, a user attribute, or a distinguished name attribute from a user store.

    If you select DN Attribute, you can also select the Allow Nested Groups check box. Enabling nested groups means that the user record may be a DN from a user directory record nested within another directory.

  4. Depending on the Name ID Type selected, fill in the appropriate Name ID field or fields.
  5. Click OK to save your changes.