I see that others have the same complaint, so you are right 🙂
You can see this if it helps:
Also with variable assign agent you can make the users just to type the name and then add "@domain.com":
Done some more work on this.
so the key bits seem to be
for examples presume my email is email@example.com
now on the logon page, if use split domain
if you have split to true then you get
if you have it set to no you get
notice domain is not set.
Why do f5 do this, why is the option there.... I think - i presume, its for MS AD Auth widget in VPE, they do a search on samaccount name which is usually just the short name ... sigh ..
now the session name seen in the gui is based on
so I use split equals yes .. and then the next step i do is variable assign
session.logon.last.username = session.logon.last.logonname
and I have stopped using the MS AD auth and just use LDAP Auth against the AD servers. Makes life a lot simplier