Hi,
Boundary doesn’t map fields with AD via Vault.
My maps in the Auth Method settings:
Any ideas?
Regards,
AN
I’m not sure if you’re mapping any custom claims in the Vault provider (within Vault) to a Username claim in the id_token Vault creates. My guess is there’s a problem with that mapping in Vault.
I don’t know where I can add a mapping in Vault. I use the web interface, not the CLI. My settings:
Logs in Vault:
2023-02-23T11:36:42.624+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: compiling search filter: search_filter="({{.UserAttr}}={{.Username}})"
2023-02-23T11:36:42.624+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: discovering user: userdn="DC=MY,DC=DOMAIN" filter="(samaccountname=myuser)"
2023-02-23T11:36:42.625+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: user binddn fetched: username=myuser binddn="CN=myuser,OU=USERS,DC=my,DC=domain"
2023-02-23T11:36:42.630+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: re-bound to original binddn
2023-02-23T11:36:42.630+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: compiling group filter: group_filter="(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))"
2023-02-23T11:36:42.630+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: searching: groupdn="CN=gruop_name,OU=GROUPS,DC=my,DC=domain" rendered_query="(|(memberUid=myuser)(member=CN=myuser,OU=USERS,DC=my,DC=domain)(uniqueMember=CN=myuser,OU=USERS,DC=my,DC=domain))"
2023-02-23T11:36:42.631+0100 [DEBUG] auth.ldap.auth_ldap_415614d9: groups fetched from server: num_server_groups=1 server_groups=["group_name"]
2023-02-23T11:36:42.631+0100 [DEBUG] identity: refreshing external group memberships: entity_id=0c7dc4d6-2afb-84d1-2f8d-03d5e1a44b6a group_aliases=["mount_accessor:"auth_ldap_415614d9" name:"group_name""]