Home

ADFS claims rule - capture hostname

%3CLINGO-SUB%20id%3D%22lingo-sub-25811%22%20slang%3D%22en-US%22%3EADFS%20claims%20rule%20-%20capture%20hostname%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25811%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20relatively%20new%20to%20the%20ADFS%20claims%20rule%20language%20so%20looking%20for%20pointers.%20Can%20I%20construct%20a%20claim%20rule%20that%20requests%20the%20device%20name%20of%20the%20calling%20machine%20as%20well%20as%20the%20IP%20address%20so%20that%20they%20are%20captured%20in%20the%20audit%20logs%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20running%20Windows%202012%20R2%20with%26nbsp%3Ball%26nbsp%3Bsuggested%20patches%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMany%26nbsp%3Bthanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPaul%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-25811%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAuthentication%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-28462%22%20slang%3D%22en-US%22%3ERE%3A%20ADFS%20claims%20rule%20-%20capture%20hostname%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-28462%22%20slang%3D%22en-US%22%3ESorry%20for%20the%20delay.%20The%20IP%20address%20doesn't%20help%20if%20it%20is%20a%20mobile%20device.%20In%20the%20claims%20language%20schema%20for%20%22012%20R2%20their%20is%20a%20device%20request%20but%20I%20don't%20know%20how%20to%20request%20this%20piece%20of%20information%20as%20part%20of%20the%20issuance%20process%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-26258%22%20slang%3D%22en-US%22%3ERe%3A%20ADFS%20claims%20rule%20-%20capture%20hostname%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-26258%22%20slang%3D%22en-US%22%3E%3CP%3EIs%20the%20Client%20IP%20not%20enough%20for%20you%3F%20If%20not%2C%20you're%20likely%20going%20to%20need%20some%20kind%20of%20custom%20Attribute%20Store.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Paul Bendall
Contributor

I'm relatively new to the ADFS claims rule language so looking for pointers. Can I construct a claim rule that requests the device name of the calling machine as well as the IP address so that they are captured in the audit logs?

 

We are running Windows 2012 R2 with all suggested patches

 

Many thanks

 

Paul

2 Replies

Is the Client IP not enough for you? If not, you're likely going to need some kind of custom Attribute Store.

Sorry for the delay. The IP address doesn't help if it is a mobile device. In the claims language schema for "012 R2 their is a device request but I don't know how to request this piece of information as part of the issuance process