Hello,
I am currently stuck with the following scenario:
I have a SharePoint farm (2013) hosting a web app with 2 different zones - one for internal access (WindowsAuth) and another zone for external access with a trusted identity provider - ADFS.
The external ADFS user uses certificates for authentication - this works fine so far. Sure, I need to give the ADFS user separate permissions (AD and ADFS users are not the same). Finally, I've read that it is possible to use the AD group membership to gain permissions in SharePoint. Great! So I don't need to add every single (ADFS) user separately.
I use LDAPCP from CodePlex to resolve the correct group in SharePoint.
But it still won't work - a single user can join and has access based on his permissions; a new user (only a member of the AD group / the AD group (ADFS) is present in SharePoint) can't access any of the documents.
What do I need to configure? I've tried "Send group membership as Claim" in ADFS.
Any advice? Please let me know if you need more details on the platform, the configuration of ADFS, or the claims mapping in SharePoint.
Thank you for a quick reply.