To Map AD FS Claims to Roles in MYOB Advanced

After you have enabled Microsoft Active Directory Federation Services (AD FS) integration, you need to map AD FS claims to user roles defined in MYOB Advanced by using the User Roles (SM201005) form. Claims configured in To Configure AD FS Claims transfer domain groups to MYOB Advanced to associate them with user roles. Do the following:

  1. Open the User Roles (SM201005) form.
  2. In the Summary area, in the Role Name box, select the MYOB Advanced user role you want to associate with a domain group (or with multiple groups).
  3. On the Claims tab, click Add Row.
    Note: The Claims tab appears on this form if the integration of MYOB Advanced with AD FS has been enabled in the web.config file, as described in To Enable AD FS Integration with MYOB Advanced.
  4. In the Group column, type the name of the domain group that you want to associate with the role in the following format: <Domain_Name>\<Group_Name>.
    Note: If you have configured claims that transfer other parameters to MYOB Advanced, you need to specify the values of these parameters in the Group column.
  5. On the form toolbar, click Save.
  6. Repeat Steps 2 through 5 for every role that should be mapped.
After you have mapped AD FS claims with user roles in MYOB Advanced you can assign specific roles for a particular domain user, as described in To Set Up Role Assignment for Domain Users or enable silent logon with Azure AD to use the Azure AD service as the default identity provider, as described in To Enable Silent Logon.