Anyone got a good writeup/tutorial on configuring an On-Premise Active Directory IdP? We've got to the point where I can get the authnResponse (by turning off the sig validation). And I can see the Attributes in the response, but for the life of me, I can not get them to map to user attributes.
Xpather.com appears to not like the format of the Response past the first node. (I think it's because the saml: prefixes are missing in all but the saml2p:Respone node - but it's supposedly a valid SAML response per Msft's help.