Policy Server Guides › Policy Design Guide › Authentication Schemes › MS Passport Authentication Schemes › Passport Authentication Prerequisites › Map Search Specifications for Passport Authentication

Map Search Specifications for Passport Authentication

In order for SiteMinder to recognize the identity established through Microsoft® .NET Passport, a search specification must be configured to allow SiteMinder to locate the Passport Unique ID (PUID) in a particular user directory type.

You can configure a search specification for the following namespaces:

• ODBC
• Custom

Note: SiteMinder does not support Passport authentication using a WinNT user directory.

To map a search specification for a namespace

1. Configure the authentication scheme as described in MS Passport Authentication Schemes.
2. In the Scheme Setup tab, locate the Map Search Root Specification to Namespace group box.
3. Select the appropriate namespace from the list.

   Note: The authentication scheme can be configured to provide a search specification for one or more directory types.

4. Click Edit.

   The Namespace Mapping dialog opens.

5. In the Search Specification field, enter the appropriate mapping.

   Mappings should be configured as follows:

   • An ODBC search specification is configured as follows:

     PassportUID=PUID:%s@company.local
     

   • A custom directory specification is configured as follows:

     PassportUID=PUID:%s@company.local
     

6. Click OK.

   The Namespace Mapping dialog closes and the search specification appears in the Map Search Specification to Namespace group box.