I need some time digest your proposed solution. Here is what I have done :
1) Add following two lines to
<authorizationdomain domain="spn" name="SharePointNative"/>
<authorizationdomain domain="spad" name="SharePointActiveDirectory"/>
2) restart mcf
3) Go to "List Authority Connections" add/edit "Authorization domain:" to connections. ("SharePointNative" and "SharePointActiveDirectory") appears in pull down menu.
4) Issue a search with following parameters
Seem working for now. I will read more and ingest these stuff seems pretty confusing :)
Thanks for your help,
On Wednesday, April 30, 2014 2:57 PM,
Karl Wright <email@example.com> wrote:
The authorization domains declared in connectors.xml are NOT Active Directory domains. They are instead arbitrary. The end-user documentation describes this in some detail, and I'll send you a reworked chapter of ManifoldCF in Action which describes how these work.
On Wed, Apr 30, 2014 at 7:33 AM, Ahmet Arslan <firstname.lastname@example.org>
For some reason, we have different rights for the same username with different suffixes (@g-b.entp and @g-b)
What we are trying to do is to merge rights.
I see following in connnectors.xml
<!-- authorizationdomain domain="AD" name="ActiveDirectory"/-->
AD is the part where we pass parameters of AuthenticatedUserDomain=AD. But
what is the name (ActiveDirectory) part? How it is connected to our defined authorities?
If you want to pass in two different user names, you need to specify two domains. Before you can specify two domains, you have to register the domains you use. See connectors.xml (or connectors-proprietary.xml) for how to register domains. Then, specify domain_0= and domain_1= in your
url as well. Make sure your two authorities are also configured to use the appropriate authoritization domain as well.
If you really have just *one* user name, and want to map it to *two*, consider using a regular expression mapper to modify the name for one of your authoriities instead.
Hope this helps.