I am trying to use claims-based authentication through a relying party trust. I am getting two warnings in the ADFS debug logs:
- The implicitUPN retrieved for Active Directory account "DOMAIN\USERNAME" was empty (Code 53)
- LDAPAttributeStoreReader: Attribute value for claimType http://shcemas.microsoft.com/ws/2007/08/ldap/implicitUPN is not found in attribute cache (Code 23)
I suspect this is causing downstream issues where I cannot use the resulting claim that is being returned to my .NET application.
The Active Directory user does have a valid UPN attribute.
Operating against:
- Server 2012 R2 ADFS 3.0
- ADFS Authentication against Active Directory
Any thoughts or suggestions?