Previous Topic: Add a SAML 2.0 Service Provider to an Affiliate DomainNext Topic: Exclude a User or Group from Service Provider Access

Federation Security Services GuideConfigure SiteMinder as a SAML 2.0 Identity ProviderSelect Users For Which Assertions Will Be Generated

Select Users For Which Assertions Will Be Generated

When you configure a Service Provider, you include a list of users and groups for which the Assertion Generator will generate SAML assertions. You may only add users and groups from directories that are in an affiliate domain.

To specify users and groups that have access to Service Provider resources

  1. Log into the FSS Administrative UI.
  2. Access the SAML Service Provider Properties dialog box and select the Users tab.

    If the associated affiliate domain contains more than one user directory, the directories appear as subordinate tabs on the Users tab.

  3. Click the Add/Remove button.

    The Users/Groups dialog box opens.

  4. To add users, select an entry from the Available Members list and click the Left Arrow button, which points to the Current Members list.

    The opposite procedure removes users from the Current Members list.

    You can select multiple entries by holding the CTRL or SHIFT key and clicking entries in one of the Members lists. When you select multiple entries and click one of the Arrow buttons, the FSS Administrative UI moves all of the selected entries.

    Individual users are not displayed automatically. However, you can use the Search utility to find a specific user within one of the listed groups. Different types of user directories must be searched differently.

  5. Click OK to save your changes.