SAML 2.0 and AD FS integration


I am working on my first keycloak SAML integration.
I have running AD FS server and deployed keycloak in k8s env.
AD FS and keycloack can trust each other however I have a problem with mappers (no real prior exp with AD FS).

For instruction I have followed:

After successful login with test user (test@samvirt1-1d.local), I see that the email was mapped to keyclock. However, keyclock also requires First name and Last name.
I assume due to that reason I have “Update Account Information” form:

I have tried to configure mappers to sync First name and last name with little success…
How do I configure both keycloak and Claim Issuance Policy to also exchange this data?