Yep, you also need to add the uid as the ImmutableId on creation of the accounts in office365. How are you syncing users to office365? To set the ImmutableId on a user via powershell: Set-MsolUser -UserPrincipalName [email protected] L -ImmutableId 71cfd66c-2c72-43ee-a88e-8e29458eb3b0
On Tuesday, July 2, 2019 at 9:38:53 AM UTC-5, Alfonso Veraluz wrote: > > Hello. > > I have a CAS 5.2.3 running fine with a Tomcat 8.0.32, Openjdk 1.8 and > connected to a OpenLdap so my users can login with the uid and the mail. > This CAS is actually providing SSO between Alfresco and Liferay. > > I want to add the SSO with Office365 but only for a particular public > domain and there are some questions: > > 1.- What FederationMetadata.xml is needed to provide in CAS, the one in > https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml > > or the one with my EntityID provided from the Portal Azure Admin section? > 2.- How to map the mail in the OpenLdap to be the same at O365 account? > It's suposed the idp will map in the cas.samlSp.office365.attributes? > > adding this to my cas.properties should be enough? > > #/etc/cas/saml/frommsoft/federationmetadata.xml from > https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml > > cas.samlSP.office365.metadata=/etc/cas/saml/frommsoft/federationmetadata.xml > cas.samlSp.office365.name=O365 > cas.samlSp.office365.description=Office365 Integration > cas.samlSp.office365.nameIdAttribute=scopedImmutableID > cas.samlSp.office365.attributes=IDPEmail,ImmutableID > > Thanks your comments. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7b22e5dd-94fc-4e47-a1fe-7303ed02cb69%40apereo.org.
