由于缺少名称标识符声明规则， SAML 身份验证失败

适用场景

• ONTAP System Manager 9.3 及更高版本
• 安全断言标记语言（ SAML ）

问题描述

IdP 服务器上缺少声明规则（ NameIdentifier ）

Web UI 错误：

No issue logging in. You may get lucky with login

集群 shibd.log

00000030.00039c10 073559fe Tue Nov 17 2020 11:15:16 -05:00 [kern_shibd:info:59302] INFO Shibboleth.SessionCache [2] [default]: new session created: ID (_5f8d9ac7ca4d3005e527e81c89cd0cc7) IdP (http://adfs2/adfs/services/trust) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (ADFS_Server)
00000030.00039c11 073559fe Tue Nov 17 2020 11:15:16 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: New session (ID: _5f8d9ac7ca4d3005e527e81c89cd0cc7) with (applicationId: default) for principal from (IdP: http://adfs2/adfs/services/trust) at (ClientAddress: ADFS_Server) with (NameIdentifier: none) using (Protocol: urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID: _31a175d6-109d-489e-ac00-d34ebcc5a0ff)
00000030.00039c12 073559fe Tue Nov 17 2020 11:15:16 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: Cached the following attributes with session (ID: _5f8d9ac7ca4d3005e527e81c89cd0cc7) for (applicationId: default) {
00000030.00039c13 073559fe Tue Nov 17 2020 11:15:16 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: ^Iuid (1 values)
00000030.00039c14 073559fe Tue Nov 17 2020 11:15:16 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: }