Forum Discussion
CirrusMultiple APM Authentication Methods
Hi All
I am busy with an APM deployment where I am required to do user authentication to multiple domains. I have read some articles on how to do the Authentication with various branches within the APM VPE policy to cater for that.
The issue I am sitting with is that users are currently using there UPN and Domain\Username to login. The Domain\Username is being catered for as per above. My issue is that the UPN will be in the format of my.name@mydomain.com and the Domain details is Domain\Username. I cant do a simple extract of the Username from the UPN and pass this onto AD to do the Authentication, as the Username is in the format 123456 where the UPN will have my.name.
Does anyone have ideas on how I can add a path in the VPE that will cater for users that are logging on with UPN and point them to the correct AAA Servers for Authentication.
Stanislas_Piro2Cumulonimbus
Hi,
You can define following VPE:
Start --> Logon Page -Branch Domain1-> Macro Domain1 -Branch Domain2-> Macro Domain2For each macro domain, use the following tree
Start --> AD Query with filter --> variable assign --> AD AuthAD Query filter must be:
(|(sAMAccountName=%{session.logon.last.username})(UserPrincipalName=%{session.logon.last.logonname}))Variable assign must be:
session.logon.last.username = AAA Attribute AD sAMAccountName