HELP FILE

How do I add the "active" user attribute in Azure AD for LastPass federated login?

Condition

The "active" user attribute is not listed when configuring your user attributes in the Azure AD portal during the setup process for LastPass federated login.

Cause

The "active" user attribute was deleted from your Azure AD environment.

Remedy

The LastPass admin who is setting up federated login can add the "active" user attribute back in the Azure AD portal by doing the following:

  1. Log in to your Azure AD portal with your administrator account credentials at https://portal.azure.com.
  2. Click Enterprise applications.
  3. Select the LastPass Provisioning App you created.
  4. Go to Mappings > Provision Azure Active Directory Users.
  5. Scroll down and check the box for Show advanced options.
  6. Click Edit attribute list for customappsso.
  7. Scroll to the bottom, then enter active in the first empty field.
  8. In the "Type" drop-down menu, select Boolean.
  9. Click Add Attribute, then click Save.
  10. Back on the Attribute Mapping page, below your existing user attributes, click Add New Mapping.
  11. On the Edit Attribute menu in the right navigation, enter the following:

      | For this setting: | Enter or select this: |
      |---|---|
      | Mapping type | Expression |
      | Expression | Switch([IsSoftDeleted], ,"False", "True","True","False") |
      | Target attribute | active |
      | Match objects using this attribute | No |
      | Apply this mapping | Always |

  12. Click OK.

    Result: You have successfully added the "active" user attribute back to Azure AD.
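
To confirm the result outside the portal, the following added example (not LastPass or Microsoft code) checks an exported provisioning schema for the "active" attribute and the mapping from step 11. It assumes the export uses the field names of the Microsoft Graph synchronizationSchema resource; the helper name check_active, the object name "User" and the sample data are constructed for illustration.

```python
import re

# Expression from step 11 of the article; whitespace is ignored when comparing.
EXPECTED = 'Switch([IsSoftDeleted], ,"False", "True","True","False")'

# Constructed sample export, trimmed to the fields this check reads.
SAMPLE_SCHEMA = {
    "directories": [{"name": "customappsso", "objects": [{"name": "User", "attributes": [
        {"name": "userName", "type": "String"},
        {"name": "active", "type": "Boolean"}]}]}],
    "synchronizationRules": [{"objectMappings": [{"attributeMappings": [
        {"targetAttributeName": "active", "flowType": "Always", "matchingPriority": 0,
         "source": {"expression": 'Switch([IsSoftDeleted], , "False", "True", "True", "False")'}}]}]}],
}

def _norm(expr):
    """Strip all whitespace so spacing differences do not count as drift."""
    return re.sub(r"\s+", "", expr or "")

def check_active(schema, target_dir="customappsso"):
    """Return a list of problems with the 'active' attribute and its mapping."""
    problems = []
    attrs = [a for d in schema.get("directories", []) if d.get("name") == target_dir
             for o in d.get("objects", []) for a in o.get("attributes", [])
             if a.get("name") == "active"]
    if not attrs:
        problems.append("'active' is missing from the attribute list")
    elif any(a.get("type") != "Boolean" for a in attrs):
        problems.append("'active' is not of type Boolean")
    maps = [m for r in schema.get("synchronizationRules", [])
            for om in r.get("objectMappings", [])
            for m in om.get("attributeMappings", [])
            if m.get("targetAttributeName") == "active"]
    if not maps:
        problems.append("no attribute mapping targets 'active'")
    for m in maps:
        if _norm((m.get("source") or {}).get("expression")) != _norm(EXPECTED):
            problems.append("mapping expression differs from the documented Switch")
        if m.get("flowType") != "Always":
            problems.append("mapping is not applied Always")
        if m.get("matchingPriority", 0) != 0:
            problems.append("'active' is used to match objects")
    return problems

if __name__ == "__main__":
    print(check_active(SAMPLE_SCHEMA) or "active attribute and mapping look correct")
```

An empty list means the attribute and mapping match the steps above; any entry names the setting that drifted, which matters because this mapping is what marks soft-deleted Azure AD users as inactive in LastPass.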