Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Workspaces
  3. BlackBerry Workspaces Server 11
  4. BlackBerry Workspaces SAML SSO Integration Guide
  5. AD FS
  6. Configuring the BlackBerry Workspaces Settings
  7. Set the issuance authorization rules

Set the issuance authorization rules

On the
Issuance Authorization Rules
 tab you configure the send LDAP attributes as claims rule and the permit all users rule. The permit all users rule is optional. Consult your AD FS IT team to determine if this rule is required for your organization.
  1. Access the Edit Claim Rules application.
    1. Click
      Relying Party Trust
      .
    2. Right-click the new
      BlackBerry
      Workspaces
       Party Trust and select
      Edit Claim Rules
      .
  2. Click the
    Issuance Transform Rules
     tab.
  3. Click
    Add rule...
    Send LDAP Attributes as Claims
    Next
    .
  4. Assign values to the rule parameters.
    Rule parameter
    Value
    Claim Rule Name
    Get LDAP Attributes
    Attribute Store
    Active Directory
  5. Configure the LDAP attribute, and click
    OK
    .
    LDAP attribute
    Outgoing claim type
    Email-Addresses
    Email address
  6. Click
    Add rule...
    Permit All Users
    Next
    Finish
    .