Attribute Role Mapping NameID

  • Resolved dmoczisko

    (@dmoczisko)


    5 years, 1 month ago

    We have properly configured the premium version of the plugin to utilize SSO from our Azure AD, however when new users log in they are being created with a username such as 1tvi_8e1qpldtHh2hsq5vK6P-nBFc3vyTLn3v27Xhrg

    We have both Name and Email set to NameID and have tried multiple configurations for Display Name within the role/attribute mapping section.

    Is there a step we are missing? We would like to have new users automatically created within the site with username and email address from our AD.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author miniOrange

    (@cyberlord92)

    Hi @dmoczisko,

    Can you please send me the below information so we can debug the issue further:

    Under the Service Provider Settings tab->Export Plugin Configuration download the json, and send it to me at [email protected].

    We will help you getting this issue fixed in no time! Looking forward to your response.

    Thread Starter dmoczisko

    (@dmoczisko)

    Thank you for the quick reply. I have forwarded the json. Looking forward to hearing from you.

    Thanks!

    Thread Starter dmoczisko

    (@dmoczisko)

    Any updates on this? Rather eager to get this resolved quickly.

    Plugin Author miniOrange

    (@cyberlord92)

    Hi there,

    Thank you for your patience.

    Azure AD is sending the random string of characters as the NameID in the SAML response.
    Since the plugin is configured to use the NameID as email and username, that’s why the username for your users are being mapped to the random string.

    To fix this, please follow the steps provided below:
    1. Navigate to the Service Provider Setup tab of the plugin and click on the Test Configuration button.
    2. Authenticate with your AzureAD account.
    3. After successful authentication, you should see a list of attributes sent by AzureAD.
    4. Now, switch to the Attribute/Role Mapping tab of the plugin.
    5. At the right-hand side of this tab, you should be able to see the list of attributes sent by AzureAD.
    6. For Username and Email fields, map the attribute name using which Azure is sending the email address of the user.
    7. Click on Save and try performing SSO again.

    Note that, since WordPress doesn’t allow changing the username for a user, you can delete the existing user which was created with the random string as the username.

    Let me know if the issue persists.

    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Attribute Role Mapping NameID’ is closed to new replies.