2017-06-01 165 views
2

我有一個工作Shibboleth IDP & SP,但一些屬性沒有得到解決的SP。Shibboleth SP不解決屬性發送Shibboleth IDP

在IDP日誌中,您可以看到下面的值已經發布,但SP沒有選擇它們。

屬性發行時間:COMMONNAME,transientId,姓,給定名稱,sAMAccountName賦

下面是日誌文件。

Shibboleth的IDP - 日誌

18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:109] - Attribute commonName has 1 values after filtering 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:109] - Attribute transientId has 1 values after filtering 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:109] - Attribute surname has 1 values after filtering 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:109] - Attribute givenName has 1 values after filtering 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:109] - Attribute sAMAccountName has 1 values after filtering 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:106] - Removing attribute from return set, no more values: displayName 
18:18:15.267 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine:114] - Filtered attributes for principal edison. The following attributes remain: [commonName, transientId, surname, givenName, sAMAccountName] 
18:18:15.268 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority:247] - Encoded attribute commonName with encoder of type edu.internet2.middleware.shibboleth.common.attribute.encoding.provider.SAML2StringAttributeEncoder 
18:18:15.268 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority:263] - Attribute transientId was not encoded (filtered by query, or no SAML2AttributeEncoder attached). 
18:18:15.268 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority:247] - Encoded attribute surname with encoder of type edu.internet2.middleware.shibboleth.common.attribute.encoding.provider.SAML2StringAttributeEncoder 
18:18:15.268 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority:247] - Encoded attribute givenName with encoder of type edu.internet2.middleware.shibboleth.common.attribute.encoding.provider.SAML2StringAttributeEncoder 
18:18:15.269 - DEBUG [edu.internet2.middleware.shibboleth.common.attribute.provider.ShibbolethSAML2AttributeAuthority:247] - Encoded attribute sAMAccountName with encoder of type edu.internet2.middleware.shibboleth.common.attribute.encoding.provider.SAML2StringAttributeEncoder 
18:18:15.289 - INFO [Shibboleth-Audit:1028] - 20170601T124815Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_f29312df4af4e495770ee67f15bb462c|https://10.1.50.11/shibboleth|urn:mace:shibboleth:2.0:profiles:saml2:sso|https://10.1.50.11:8443/idp/shibboleth|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_15e1d92e1a8d5a07c2cd84808b540f77|edison|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|commonName,transientId,surname,givenName,sAMAccountName,|_a4ba91c098206a53a94b5ed2deeefbc9|| 

Shibboleth的SP - 日誌

2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeExtractor of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : loaded XML resource (/etc/shibboleth/attribute-map.xml) 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:uid 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:0.9.2342.19200300.100.1.1 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonScopedAffiliation 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.9 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonAffiliation 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.1 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:cn 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.3 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:sn 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.4 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:ou 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.11 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:o 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.10 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:0.9.2342.19200300.100.1.3 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:mail 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonTargetedID 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.10 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oasis:names:tc:SAML:2.0:nameid-format:persistent 
2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeFilter of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.AttributeFilter : reload thread started...running when signaled 
2017-06-01 19:06:12 INFO Shibboleth.AttributeFilter : loaded XML resource (/etc/shibboleth/attribute-policy.xml) 
2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeResolver of type Query... 
2017-06-01 19:06:12 INFO Shibboleth.Application : building CredentialResolver of type File... 
2017-06-01 19:06:12 INFO XMLTooling.SecurityHelper : loading private key from file (/etc/shibboleth/sp-key.pem) 
2017-06-01 19:06:12 INFO XMLTooling.SecurityHelper : loading certificate(s) from file (/etc/shibboleth/sp-cert.pem) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default::getHeaders::Application) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : listener service starting 
2017-06-01 19:06:14 INFO Shibboleth.AttributeExtractor.XML [1]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:2.5.4.42 
2017-06-01 19:06:14 INFO Shibboleth.AttributeExtractor.XML [1]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:1.2.840.113556.1.4.221 
2017-06-01 19:06:14 INFO Shibboleth.SessionCache [1]: new session created: ID (_c699b07ff63f25bc28ef60abd9344a33) IdP (https://10.1.50.11:8443/idp/shibboleth) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (10.1.50.11) 
2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:2.5.4.42 
2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:1.2.840.113556.1.4.221 
2017-06-01 19:06:41 INFO Shibboleth.SessionCache [3]: new session created: ID (_c3f9a98ce69aa26654851f25cbd03b7f) IdP (https://10.1.50.11:8443/idp/shibboleth) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (10.1.50.11) 
[email protected]:/var/log/shibboleth$ tail -n 100 shibd.log 
2017-06-01 19:06:12 INFO Shibboleth.Config : shibboleth 2.5.2 library initialization complete 
2017-06-01 19:06:12 INFO Shibboleth.Config : reload thread started...running when signaled 
2017-06-01 19:06:12 INFO Shibboleth.Config : loaded XML resource (/etc/shibboleth/shibboleth2.xml) 
2017-06-01 19:06:12 INFO Shibboleth.Config : Shibboleth SP Version 2.5.2 
2017-06-01 19:06:12 INFO Shibboleth.Config : Library versions: log4shib 1.0.8, Xerces-C 3.1.1, XML-Security-C 1.7.2, XMLTooling-C 1.5.3, OpenSAML-C 2.5.3, Shibboleth 1.5.2 
2017-06-01 19:06:12 INFO Shibboleth.Config : building ListenerService of type UnixListener... 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (set::RelayState) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (get::RelayState) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (set::PostData) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (get::PostData) 
2017-06-01 19:06:12 INFO Shibboleth.Config : no StorageService plugin(s) installed, using (mem) in-memory instance 
2017-06-01 19:06:12 INFO Shibboleth.Config : no ReplayCache specified, using arbitrary StorageService instance 
2017-06-01 19:06:12 INFO Shibboleth.Config : no ArtifactMap specified, building in-memory ArtifactMap... 
2017-06-01 19:06:12 INFO Shibboleth.Config : no SessionCache specified, using StorageService-backed instance 
2017-06-01 19:06:12 INFO XMLTooling.StorageService : cleanup thread started...running every 900 seconds 
2017-06-01 19:06:12 INFO Shibboleth.SessionCache : bound to arbitrary StorageService 
2017-06-01 19:06:12 INFO Shibboleth.SessionCache : StorageService for 'lite' use not set, using standard StorageService 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (find::StorageService::SessionCache) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (remove::StorageService::SessionCache) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (touch::StorageService::SessionCache) 
2017-06-01 19:06:12 INFO Shibboleth.Config : building SecurityPolicyProvider of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.SecurityPolicyProvider.XML : reload thread started...running when signaled 
2017-06-01 19:06:12 INFO Shibboleth.SecurityPolicyProvider.XML : loaded XML resource (/etc/shibboleth/security-policy.xml) 
2017-06-01 19:06:12 INFO OpenSAML.SecurityPolicyRule.Conditions : building SecurityPolicyRule of type Audience 
2017-06-01 19:06:12 INFO OpenSAML.SecurityPolicyRule.Conditions : building SecurityPolicyRule of type Audience 
2017-06-01 19:06:12 INFO OpenSAML.SecurityPolicyRule.Conditions : building SecurityPolicyRule of type Ignore 
2017-06-01 19:06:12 INFO OpenSAML.SecurityPolicyRule.Conditions : building SecurityPolicyRule of type Ignore 
2017-06-01 19:06:12 INFO OpenSAML.SecurityPolicyRule.Conditions : building SecurityPolicyRule of type Ignore 
2017-06-01 19:06:12 INFO Shibboleth.Config : automatically blacklisting security algorithm (http://www.w3.org/2001/04/xmldsig-more#rsa-md5) 
2017-06-01 19:06:12 INFO Shibboleth.Config : automatically blacklisting security algorithm (http://www.w3.org/2001/04/xmldsig-more#md5) 
2017-06-01 19:06:12 INFO Shibboleth.Config : automatically blacklisting security algorithm (http://www.w3.org/2001/04/xmlenc#rsa-1_5) 
2017-06-01 19:06:12 INFO Shibboleth.Config : building ProtocolProvider of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.ProtocolProvider.XML : loaded XML resource (/etc/shibboleth/protocols.xml) 
2017-06-01 19:06:12 WARN Shibboleth.Application : insecure cookieProps setting, set to "https" for SSL/TLS-only usage 
2017-06-01 19:06:12 WARN Shibboleth.Application : handlerSSL should be enabled for SSL/TLS-enabled web sites 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (run::AssertionLookup) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Login::run::SAML2SI) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Login::run::Shib1SI) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML2/POST) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML2/POST-SimpleSign) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML2/Artifact) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML2/ECP) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML/POST) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SAML/Artifact) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Logout::run::SAML2LI) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Logout::run::LocalLI) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SLO/SOAP) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SLO/Redirect) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SLO/POST) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/SLO/Artifact) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/NIM/SOAP) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/NIM/Redirect) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/NIM/POST) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/NIM/Artifact) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Artifact/SOAP::run::SAML2Artifact) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Metadata) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/Status) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default/DiscoFeed) 
2017-06-01 19:06:12 INFO Shibboleth.DiscoveryFeed : feed files will be cached in /var/cache/shibboleth/ 
2017-06-01 19:06:12 INFO Shibboleth.Application : building MetadataProvider of type XML... 
2017-06-01 19:06:12 INFO OpenSAML.MetadataProvider.XML : loaded XML resource (/etc/shibboleth/idp-Metadata.xml) 
2017-06-01 19:06:12 INFO Shibboleth.Application : no TrustEngine specified or installed, using default chain {ExplicitKey, PKIX} 
2017-06-01 19:06:12 INFO OpenSAML.MetadataProvider.XML : reload thread started...running when signaled 
2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeExtractor of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : loaded XML resource (/etc/shibboleth/attribute-map.xml) 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:uid 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:0.9.2342.19200300.100.1.1 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonScopedAffiliation 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.9 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonAffiliation 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.1 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:cn 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.3 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:sn 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.4 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:ou 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.11 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:o 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:2.5.4.10 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:0.9.2342.19200300.100.1.3 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:mail 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:mace:dir:attribute-def:eduPersonTargetedID 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oid:1.3.6.1.4.1.5923.1.1.1.10 
2017-06-01 19:06:12 INFO Shibboleth.AttributeExtractor.XML : creating mapping for Attribute urn:oasis:names:tc:SAML:2.0:nameid-format:persistent 
2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeFilter of type XML... 
2017-06-01 19:06:12 INFO Shibboleth.AttributeFilter : reload thread started...running when signaled 
2017-06-01 19:06:12 INFO Shibboleth.AttributeFilter : loaded XML resource (/etc/shibboleth/attribute-policy.xml) 
2017-06-01 19:06:12 INFO Shibboleth.Application : building AttributeResolver of type Query... 
2017-06-01 19:06:12 INFO Shibboleth.Application : building CredentialResolver of type File... 
2017-06-01 19:06:12 INFO XMLTooling.SecurityHelper : loading private key from file (/etc/shibboleth/sp-key.pem) 
2017-06-01 19:06:12 INFO XMLTooling.SecurityHelper : loading certificate(s) from file (/etc/shibboleth/sp-cert.pem) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : registered remoted message endpoint (default::getHeaders::Application) 
2017-06-01 19:06:12 INFO Shibboleth.Listener : listener service starting 
2017-06-01 19:06:14 INFO Shibboleth.AttributeExtractor.XML [1]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:2.5.4.42 
2017-06-01 19:06:14 INFO Shibboleth.AttributeExtractor.XML [1]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:1.2.840.113556.1.4.221 
2017-06-01 19:06:14 INFO Shibboleth.SessionCache [1]: new session created: ID (_c699b07ff63f25bc28ef60abd9344a33) IdP (https://10.1.50.11:8443/idp/shibboleth) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (10.1.50.11) 
2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:2.5.4.42 
2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:1.2.840.113556.1.4.221 
2017-06-01 19:06:41 INFO Shibboleth.SessionCache [3]: new session created: ID (_c3f9a98ce69aa26654851f25cbd03b7f) IdP (https://10.1.50.11:8443/idp/shibboleth) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (10.1.50.11) 
2017-06-01 19:21:12 INFO XMLTooling.StorageService : purged 4 expired record(s) from storage 

我想這是它失敗了,有什麼問題嗎?

2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:2.5.4.42 
2017-06-01 19:06:41 INFO Shibboleth.AttributeExtractor.XML [3]: skipping unmapped SAML 2.0 Attribute with Name: urn:oid:1.2.840.113556.1.4.221 

回答

3

設法使問題屬性map.xml映射正確的屬性ID後解決

<Attribute name="urn:mace:dir:attribute-def:uid" id="uid" /> 
<Attribute name="urn:oid:0.9.2342.19200300.100.1.1" id="uid" /> 

<Attribute name="urn:mace:dir:attribute-def:samaccountname" id="samaccountname" /> 
<Attribute name="urn:oid:1.2.840.113556.1.4.221" id="samaccountname" /> 

enter image description here