Segment lengh of "0" in segment 2 is same as "All" when setting up Automaticly Create User Name in User Provisioning to create user with single value.

Lets say I want to have a user provisioned who's cn attribute is a single value such as: urn:oid:1.3.6.1.1.1.1.0. When configuring this in SAML 2.0 > Identity Provider > User Identification Method > Attribute Matching > Provisioning Settings, on step 3 of 5 Define user name creation, in Automatically create user name it is looking for values in 2 segments to create the user name during provisioning. If I configure Segment 1 with Attribute cn and length of "All", and Segment 2 with length of "0" as shown below, the end result will be a user being provisioned with a cn of urn:oid:1.3.6.1.1.1.1.0urn:oid:1.3.6.1.1.1.1.0.

In the case where you only want one value as the user name, you need to set Segment 1 with the length of "0" and use Segment 2 as the single value. This should provision the user with cn of urn:oid:1.3.6.1.1.1.1.0.

This is a defect and has been reported to engineering

876637