Here is a quick article on how to configure the SharePoint Services Connector for provisioning user profiles for ADFS authenticated users. I did not find any particularly good articles on the attributes required, so here is a quick reference on what I did no make things work with ADFS authentication.
This is not a guide on how to configure the MA. You should find good information on how to do that here.
There are 5 attributes that are important. Here is a table for you.
|SPS-ClaimID||This is the value of the identifier claim. This means that if you use userPrincipalname as identifier, this should be firstname.lastname@example.org, or if you use EmployeeID this should be 10032.|
|SPS-ClaimProviderID||This is the case sensitive name of the Trusted Identity Provider configured in SharePoint. If your Trusted Identity Provider is called “SAML Users”, this value should be “SAML Users”.|
|SPS-ClaimProviderType||When doing ADFS authentication, this should be the constant “Trusted”. (Btw, if you are doing Windows authentication, this should be “Windows”)|
|ProfileIdentifier||This value is a bit weird when it comes to ADFS authentication. It is required, and it must be unique, and it mst be on the form “someting:unique” (something colon unique). I usually fill this with “ID:value of SPS-ClaimID”; for example “ID:10032” or “ID:email@example.com“.|
|Anchor||yes||Another required value that must be unique. I use the same value as the SPS-ClaimID, so firstname.lastname@example.org or 10032. The reason this attribute must be configure as initial only, is that the Anchor will actually change and overwriting it may cause some strange behavior.|