Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Add UPN to existing policy

Go to solution
The-messenger
Cirrostratus
Cirrostratus

‎21-Feb-2017 02:58

I have an existing access policy - login page ---- ad auth --- sso. I need to add userprincipalname as a username option.

 

Do I add ad query before ad auth or add a branch rule to the login page?

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
The-messenger
Cirrostratus
Cirrostratus

‎21-Jul-2022 07:46

 

As @Stanislas_Piro2 has pointed out in several threads...

- Add LDAP/AD query to get samAccountName
- Added a Variable Assign session.logon.last.username = expr { "[mcget {session.ldap.last.attr.sAMAccountName}]" }
(I've never been able to get SSO-Credential Mapping to change the username to sAMAccountName)

From here APM will work with the samAccountName,  just do AD Auth whatever else you need.

Then I need to change the username back to UPN for the application.

 
 
 
 
 

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
The-messenger
Cirrostratus
Cirrostratus

‎21-Jul-2022 07:46

 

As @Stanislas_Piro2 has pointed out in several threads...

- Add LDAP/AD query to get samAccountName
- Added a Variable Assign session.logon.last.username = expr { "[mcget {session.ldap.last.attr.sAMAccountName}]" }
(I've never been able to get SSO-Credential Mapping to change the username to sAMAccountName)

From here APM will work with the samAccountName,  just do AD Auth whatever else you need.

Then I need to change the username back to UPN for the application.

 
 
 
 
 
0 Kudos
Copyright © 2023 Khoros, LLC