Enabling a Claim Type for a Resource Partner

You can enable three types of claims for identity on an ADFS Federation Server: Common Name, E-mail, and User Principal Name. The ADFS step-by-step guide does everything with a User Principal Name, which is an Active Directory convention. Although a UPN can be given a value that looks like an e-mail address, it is not one. This scenario uses E-mail instead of Common Name because E-mail is the more common configuration.

  1. In the Administrative Tools, open the Active Directory Federation Services tool.

  2. Navigate to the Organizational Claims by clicking Federation Service > Trust Policy > My Organization.

  3. Ensure that E-mail is in this list.

  4. Navigate to Active Directory by clicking Federation Service > Trust Policy > Account Stores.

  5. Enable the E-mail Organizational Claim:

    1. Right-click this claim, then select Properties.

    2. Select Enabled.

    3. Add the LDAP mail attribute by clicking Settings > LDAP attribute and selecting mail.

      This is the LDAP attribute in Active Directory where the user’s email address is stored.

    4. Click OK.

  6. Verify that the user you are going to use for authentication has an e-mail address in the mail attribute.

  7. Continue with Creating a Resource Partner.
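The check in step 6 can be scripted. The following is an added example, not part of the ADFS step-by-step guide: it reads the LDAP mail attribute that the E-mail Organizational Claim will emit, using ADSI so it runs on any domain-joined Windows host without extra modules. It assumes you run it as a domain user; the account name 'adfs-test-user' is a placeholder.

```powershell
# Added example: report the value ADFS will place in the E-mail claim
# (the LDAP 'mail' attribute) for one or more accounts.
function Test-ClaimMailAttribute {
    param(
        [Parameter(Mandatory = $true)]
        [string[]] $SamAccountName
    )

    foreach ($sam in $SamAccountName) {
        # Escape LDAP filter metacharacters so the account name is matched literally.
        $escaped = $sam.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')

        $searcher = [adsisearcher]"(&(objectCategory=person)(objectClass=user)(sAMAccountName=$escaped))"
        [void] $searcher.PropertiesToLoad.AddRange([string[]]@('samaccountname', 'userprincipalname', 'mail'))
        $result = $searcher.FindOne()

        if ($null -eq $result) {
            New-Object PSObject -Property @{ Account = $sam; UPN = $null; Mail = $null; Status = 'Account not found' }
            continue
        }

        # Each attribute comes back as a value collection; take its first value (or $null if unset).
        $upn  = ($result.Properties['userprincipalname'] | Select-Object -First 1)
        $mail = ($result.Properties['mail'] | Select-Object -First 1)

        # An empty mail attribute means the resource partner receives a blank identity claim.
        # A mail value that differs from the UPN is legitimate, but worth knowing, because the
        # partner will see the mail value, not the UPN, as the user's identity.
        $status = if ([string]::IsNullOrEmpty($mail)) {
            'mail attribute empty: E-mail claim would be blank'
        } elseif ($upn -and ($mail -ne $upn)) {
            'mail differs from UPN: partner sees the mail value'
        } else {
            'OK'
        }

        New-Object PSObject -Property @{ Account = $sam; UPN = $upn; Mail = $mail; Status = $status }
    }
}

# Usage: replace the placeholder with the account you will authenticate with in step 6.
Test-ClaimMailAttribute -SamAccountName 'adfs-test-user' | Format-Table Account, UPN, Mail, Status -AutoSize
```

Pass several account names to audit every user who will sign in through this claim mapping before handing the configuration to the resource partner.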