Hello SharePoint gurus,
I am attempting to configure SharePoint 2013 to consume an incoming claim from ADFS 2.0 and then to take the claim and turn it into a Windows Token identity.
The goal is to allow remote users to log in to my SharePoint site using Federated SSO but then to have "shadow users" on my Active Directory to represent the users so that I can provision access to theAD groups that the users belong to.
I opened a call with Microsoft PSS and was told that this isn't possible and that if I wanted to send in a SAML identity (UPN) to SharePoint, that I had to use SharePoint groups and that I couldn't translate that SAML identity into a Windows identity.
Can you offer comment as to whether this is possible? If so, could you please point me in the right direction as to how to make certain that C2WTS is receiving my claim from ADFS 2.0?
Thanks so much for this great forum!
