Apologies, I didn't see this response. The instructions for configuring ADFS are here:
https://enterprise.arcgis.com/en/portal/latest/administer/windows/configure-adfs.htm
Make sure you enable the SAML based group membership in the portal - you can edit it after the fact as well:
- Enable SAML based group membership—Enable this option to allow organization members to link specified SAML-based groups to ArcGIS Enterprise groups during the group creation process.
You will be able to export the SP metadatafile, which you pass to you network administrator who need to pay particular attention to:
With this claim, AD FS sends attributes with the names givenname, surname, email, and group membership to ArcGIS Enterprise after authenticating the user. ArcGIS Enterprise then uses the values received in the givenname, surname, and email attributes and populates the first name, last name, and email address of the user account. The values in the group attribute are used to update the user's group membership.
Note:
If you selected the Enable SAML based group membership option when registering AD FS as the SAML IDP, membership for each user is obtained from the SAML assertion response received from the identity provider every time the user successfully signs in. For information on linking SAML groups, see Create groups.
After it's configured, and it's easy on both end, you start creating groups in portal and if the syntax of the group name is an exact match of the name presented by ADFS then you'll get the auto assignment your looking for.
Scott Tansley
https://www.linkedin.com/in/scotttansley/