In our ADFS 3.0 environment, we have a relying party trust with 2 claims provider trusts. We activated Home Realm Discovery. Our need is to redirect users based on their email.
The problem is as follows: the first Claims Provider should accept users from *@domain.com, and this works great. The second one is more tricky. We want the second CPT to accept all the other suffixes, but as Microsoft states in their documentation, the 'OrganizationalAccountSuffix' parameter of the 'Set-AdfsClaimsProviderTrust' command does not accept wildcards: https://docs.microsoft.com/en-us/powershell/module/adfs/set-adfsclaimsprovidertrust?view=win10-ps#parameters
The question is: is there a workaround to redirect all users whose email addresses have a suffix different from domain.com to the second CPT?
Thanks.