How do I iterate an AD attribute as a claims rule in ADFS?
More specifically, I'd like to check whether the user's proxyAddresses contains a predetermined domain, and if so, return that email as Name ID, else the the user's main email.
You would use regex on the claims rule to check for the domain and if there, issue the NameID claim.
Then use a "NOT EXISTS" rule.
So something like:
NOT EXISTS([Type == "http://contoso.com/NAMID"])
=> add(Type = "http://contoso.com/hasNAMEID", Value = "No");
Sample Rule 2:
c1:[Type == "http://contoso.com/hasNameID"] &&
c2:[Type == "http://contoso.com/email"]
=> issue(Type="http://contoso.com/email", Value=c2.value);
Using the normal email claim type etc.
And about 10 minutes after writing this, I found this example that shows the solution in more detail.
I played around a bit yesterday, and ended up with the following, which seems to work, but perhaps not the cleanest way?
Rule #1:
Regular attribute claim for Proxy-Addresses and User-Principal-Name
Rule #2:
c:[Type == "fake/proxyAddresses", Value =~ "subdomain.example.com$"]
=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = RegExReplace(c.Value, "smtp:", ""));
Rule #3:
NOT EXISTS([Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"])
=> add(Type = "fake/UseUPN", Value = "Yes");
Rule #4:
c1:[Type == "fake/UseUPN"]
&& c2:[Type == "fake/UPN"]
=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = c2.Value);
Related
i'm new to ADFS claim rules and struggling with a custom rule.
What i want to do is filter groups based on group names, and then return the matched groups as SIDs. I also want to return UPN, Email, Surname, GivenName and WindowsAccountName along with these, but the filtered groups are most important.
I've tried this with no success:
c:[Type == "http://schemas.xmlsoap.org/claims/Group", Value =~ "(?i).+(Test|Test2).+"]
=> issue(Type = "https://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid");
Can anyone help me creating this rule or point me in the right direction? I would also appreciate an explanation of the rule if you bother.
You first need a rule to create the groups.
So in the wizard, set an LDAP rule.
On the LHS, choose, "Token-Groups - Unqualified Names".
On the RHS, choose "http://schemas.xmlsoap.org/claims/Group".
You now have something to run the regex on.
c:[Type == "http://schemas.xmlsoap.org/claims/Group", Value =~ "(?i).+(Test|Test2).+"]
=> issue(Type = "https://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", Value=c.value);
What the rule says is take all claims of type "http://schemas.xmlsoap.org/claims/Group", run the regex, if true, create a groupsid claim with the value of the Group claim.
Note that if more than one group matches the regex, you will get multiple claims of type groupsid.
Also, look here for reference.
This gives the user params i want, filters groups based on names, and returns groups as both unqualified names and SIDs
Get groups:
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> add(store = "Active Directory", types = ("http://schemas.xmlsoap.org/claims/Group"), query = ";tokenGroups;{0}", param = c.Value);
Filter and issue groups:
c1:[Type == "http://schemas.xmlsoap.org/claims/Group", Value =~ "INSERT-REGEX-HERE"]
&& c2:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("https://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "http://schemas.xmlsoap.org/claims/Group"), query = "(&(name={0}));objectSid,name;{1}", param = c1.Value, param = c2.Value);
Issue user params:
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"), query = ";givenName,sn,mail,userPrincipalName,sAMAccountName;{0}", param = c.Value);
I need to get the count of IN / in / In from SoccerStatus regardless if the records are saved in upper case, lower case or a combination of both ie IN or in or In from SQLite database in Xamarin Forms. How can I achieve that ?
var count_in = (from x in conn.Table<SoccerAvailability>().Where(x => x.SoccerStatus == IN) select x).Count();
Use string.Equals and tell it to ignore case...
var count_in = (from x in conn.Table<SoccerAvailability>().Where(x => string.Equals(x.SoccerStatus, "IN", StringComparison.OrdinalIgnoreCase)) select x).Count();
EDIT: Per your comment I see that the Linq provider you're using doesn't support string.Equals. You can try the following which should be more portable but possibly a bit slower...
var count_in = (from x in conn.Table<SoccerAvailability>().Where(x => x.SoccerStatus.ToUpper() == "IN") select x).Count();
I would like to retrieve the userInfoId from the database and pass it into var where the Login username is Kenny. However, the value returned to u was 0 instead of the desired value. I have tried selecting another username but the result was still the same.
var u = Database.UserInfo
.Where(userinfo => userinfo.LoginUserName == "BEN")
.Select(x=> x.UserInfoId)
.FirstOrDefault();
Put some breakpoints and see what you have inside u, Use the query below and you should be good to go. Make sure the table/column names are correct according to your db.
int userInfoId = (from x in context.UserInfo
where x.LoginUserName == "Kenny"
select x.UserInfoId).SingleOrDefault());
if (userInfoId > 0){
// user exists and do what you wish to next
}
else {
// user does not exist
}
I have, what I thought was a pretty straight-forward query.
In normal Sql this would read:
SELECT [column names]
FROM agentscheduledetail
WHERE (date = '2012-07-04') AND
(
exception = 'Break (No Sign Off)' OR
exception = 'Break' OR
exception = 'Break (Signed Out)'
)
This returns approx 900 records.
However, when I try to enter this into my controller, I end up with around 300,000 records - so I think my AND and ORs are not working. I've tried Linqer, but can't get it to work (I'm aware this may not be actual LINQ but the equivalent query in VS - if there is a linq version... I'd be grateful for that too if possible).
My controller query is:
var dte = DateTime.Today;
return View(db.agentscheduledetails.Where
(
d => d.date == dte && d.agentName.StartsWith("ta") &&
(
d.exception == "Break (No Sign Off)" ||
d.exception == "Break" ||
d.exception == "Break (Signed Out)"
)
).ToList()
);
Can anyone either a) let me know where I'm going wrong with my && || (and/or), or b) is there a way of stepping through the code in VS, to see what the above query translates to in normal SQL so I can try to figure out where I'm going wrong?
Thanks for any help,
Mark
The following is perhaps a simplified version of what you are trying to do, also your LINQ contains an additional statement compared to the SQL where it is comparing the agent name?
var currentDate = DateTime.Today;
var exceptionTypes = new List<string>() { "Break (No Sign Off)",
"Break", "Break (Signed Out)" };
db.agentscheduledetails.Where(d => d.date == currentDate &&
exceptionTypes.Contains(d.exception));
One thing that you could try is getting hold of a copy of LinqPad, this will let you run your LINQ statement against a database and will show you what the generated SQL statement is.
Aside from anything else,
d.agentName.StartsWith("ta")
does not appear in your original sql...?
I have a LINQ query like this:
from i in _db.Items.OfType<Medium>()
from m in i.Modules
from p in m.Pages
where i != null && i.Type == 1 && i.Published == true && p.PageId == 2
select p
I use the query like this because I have strongly typed view (ASP.NET MVC).
I need to have items sorted by the i.Sort property. orderby i.Sort and i.OrderBy(it => it.Sort) doesn't work. How can I fix this?
When sorting with Linq you usually give OrderBy a property, and eventually an IComparer, not a sorting function. For example:
class Person {
public int Age {get; set;}
}
public static void Main() {
var ps = new List<Person>();
ps.Add(new Person{Age = 1});
ps.Add(new Person{Age = 5});
ps.Add(new Person{Age = 3});
var sorted = ps.OrderBy(p => p.Age);
foreach(p in sorted) {
Console.WriteLine(p.Age);
}
}
Here Linq will know how to correctly sort integers.
Without giving more context (such as what exactly is i.Sort, what is its purpose, what do you want to do with it), it would be difficult to be more specific to your problem.
However, I'm pretty sure you are misunderstanding OrderBy: you should give it a lambda expression that identifies a property of the objects contained in your sequence, and then Linq will sort your sequence according to the usual order of the type of that property (or according to another order you define for that type, by using IComparer).
Let's say your Pages include page-numbers among their properties. Let's pretend this property is called "pagenumber". You would then add the following 'orderby' line between the 'where' and 'select' lines.
// (snip...)
where i != null && i.Type == 1 && i.Published == true && p.PageId == 2
orderby p.pagenumber
select p
Or maybe you don't have page numbers, but only page titles. You would do nearly the same thing:
where i != null && i.Type == 1 && i.Published == true && p.PageId == 2
orderby p.title
select p
Just from reading your code, I can't tell what criteria should be used for sorting. You need some kind of ordered element, an id number, a page number, or some text can be alphabetized.
from i in _db.Items.OfType<Medium>().OrderBy(x => x.Sort)
...