An ADFS SSO setup with Salesforce, which uses the UPN as NameID, has the following configuration in ADFS.
Claim Rule Template: Send LDAP Attributes as Claims
Claim Rule Name: Send the UPN as NameID
LDAP Attribute: User Principal Name
Outgoing Claim Type: Name ID
Everything works for all users. However, when the UPN of a user is changed, the SAML response from ADFS doesn't contain a NameID tag in the Subject tag. What might be the reason for this strange behavior?
Best Answer
After reading this blog (http://www.jonathanhardison.com/index.php/2012/07/05/adfs-2-0-claims-incomplete-or-wrong-on-username-change/), we restarted the server and the issue got resolved.
Looks like ADFS caches the data; restarting ADFS cleared the cache.
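
A way to confirm the symptom from the question before and after the restart, as an added example that is not part of the original post: it decodes a captured base64 `SAMLResponse` form value and reports whether each assertion's Subject carries a NameID. The function name `check_name_id` and the sample responses are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

def check_name_id(saml_response_b64):
    """Report, per assertion, whether <Subject> carries a <NameID>.

    Diagnostic only: no signature or condition validation is done, so use it
    on responses captured from your own IdP, never to make a login decision.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    findings = []
    # An encrypted assertion cannot be inspected without the SP's private key.
    if root.find("saml:EncryptedAssertion", NS) is not None:
        findings.append({"status": "encrypted", "name_id": None, "format": None})
    for assertion in root.findall("saml:Assertion", NS):
        name_id = assertion.find("saml:Subject/saml:NameID", NS)
        value = (name_id.text or "").strip() if name_id is not None else ""
        findings.append({
            "status": "ok" if value else "missing",
            "name_id": value or None,
            "format": name_id.get("Format") if name_id is not None else None,
        })
    return findings or [{"status": "no-assertion", "name_id": None, "format": None}]

def _sample(subject_inner):
    # Constructed sample response (not captured from a real ADFS server).
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        '<saml:Assertion><saml:Subject>' + subject_inner +
        '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>'
        '</saml:Subject></saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()

GOOD = _sample('<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:'
               'unspecified">alice@example.com</saml:NameID>')
BAD = _sample("")  # the symptom from the question: Subject without NameID

if __name__ == "__main__":
    for label, resp in (("good", GOOD), ("bad", BAD)):
        print(label, check_name_id(resp))
```
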