New Post: LDAP CP Configuration settings
Hello, We're using LDAPCP_Custom solution and observed that the LDAP CP Configuration pages in central admin are not working and LDAPCP_Custom is not taking the settings from LDAP CP Configuration...
View ArticleNew Post: LDAP CP Configuration settings
Hello, with the latest version I moved the admin pages into user controls, so it should be fairly simple to do but I never tried... If you want to give it a try, you can create a page that adds user...
View ArticleNew Post: Unexpected error in Augment
The augmentation doesn't work all the time.When it doesn't work some users it works for others (random) It's not frontend specific Can you help us out? 01/16/2017 09:35:48.16 w3wp.exe (0x16BC) 0x1580...
View ArticleNew Post: Unexpected error in Augment
Interesting, can you please give me more insight:Does this error occur only during augmentation?Can you confirm you use the default LDAP connection?Do you have other custom LDAP connections?Does it...
View ArticleNew Post: Source Code Version
Hello, i'm not sure but it seems i can't get source for Version 5.1 of LDAPCP. Why there is the last commit for Version 4.0 in source tree. How i can get source for Version 5.1 Regards, Joerg
View ArticleNew Post: Unexpected error in Augment
Does this error occur only during augmentation? Yes, did some searches on IClassFactory and syntax in the ULS logging, only shows up in augmentation. Can you confirm you use the default LDAP connection...
View ArticleNew Post: Unexpected error in Augment
Hmm, it's interesting that it fails only with augmentation. Augmentation happens only in the STS of SharePoint, which runs with the farm account, whereas all other requests made by LDAPCP run in the...
View ArticleCreated Unassigned: Cannot pick AD groups with the picker [2541]
We managed to configure the picker, but noticed that we cannot resolve/add AD groups when we have it enabled. Am I missing something? Can someone please advise how to configure it properly so ut can...
View ArticleCreated Unassigned: Default exclude AD local domain groups via LDAP filter...
According to MS best practices ADFS does not add local domain group memberships as "role" claim,since these type of AD groups shouldnt contain usersOnly AD global and universal groups should contain...
View ArticleNew Post: Please update roll back procedure
Hi, I spent a fair amount of time in uninstalling LDAPCP . The LDAPCP is listed as Claimsprovider even after deactivating the feature and removing it . It does not change back to default . I used below...
View ArticleNew Post: Please update roll back procedure
hello, I really wish there is an easier way that does not involve to remove and recreate the SPTrustedIdentityTokenIssuer object, but your script uses reflection to reset property m_ClaimProviderName,...
View ArticleClik here to view.
New Post: Group Augmentation
Hi there, Having a crash course on SAML, Sharepoint and claims to implement a solution so apologies if I've got something simple wrong. To set the scene I have a SAML IdP providing 2FA to a Sharepoint...
View ArticleNew Post: Group Augmentation
Hi Nic, the configuration looks correct, but did you check how roles are formatted by the IDP? In the screenshot roles value are "domain users" or "users", so the IDP must send them like this too. And...
View ArticleNew Post: Group Augmentation
Hi Yvan, Thanks for the reply, yes the IdP sends the same format value and claim type, SSO tracer shows the following in the assertion<saml:Attribute AttributeName="Group"...
View ArticleNew Post: Group Augmentation
Hello Nic, So your IDP configuration matches LDAPCP config, but you cannot use the Windows groups claim types, you must migrate them to the role claim type you defined in the...
View ArticleNew Post: Group Augmentation
Ahhhh ok that sort of makes sense :-) so because the claim type is 'w' for a windows claim the SAML claim doesn't apply? If I change the role though I presume that basic Windows authenticated users...
View ArticleNew Post: Group Augmentation
True and true :) if you don't want to migrate the role account (for the good reason that you mentioned), you can simply create a new one in trusted (SAML) format, through the people picker
View ArticleNew Post: Group Augmentation
Super super, think I misunderstood the purpose of LDAPCP augmentation, was hoping that the information it populated the claim with would enable the existing Sharepoint permissions to "just" work. It...
View ArticleNew Post: mistake in uninstalling the ldapcp
Yvand wrote: Where are you looking at? In .NET 4.5, GAC is located in C:\Windows\Microsoft.NET\assembly I am using version 3 of the ldapcp code on a .Net 4.5 machine. The ldapcp.dll is installed across...
View Article