Portal AD integration adds domain name to user name.

619
2
10-09-2018 11:27 AM
EddBlaine
New Contributor III

I've just completed the setup for portal 10.61 and have updated the JSON user identity store to use active directory (LDAP). When I add an LDAP user to portal, it attaches an @{domain name} to the user login. So for instance, if my network login is name is bobmarley and I add it as a user in our portal, I'd have to remember to login into portal as bobmarley@mydomain (no.com extension - it doesn't attach a FQDN). Is there a way for me to change the JSON so that end users wouldn't need to put the @mydomain at the end of their login name?

Reply
0 Kudos
2 Replies
AnthonyRyanEQL
Occasional Contributor III

Edd,

If you change the setup of the WA for Portal to enable SSO (IWA), then your users don't need to worry about any of this. I have done this for the organisation that I work for and it works well with the users don't need to anything other than just going to the Portal WA url

Regards

JeffSmith
Esri Contributor

If you configure the user identity store JSON string to use the type "WINDOWS", the domain name will always be added to the end.  There is not a way to remove that.  If you specify the type "LDAP", you have more flexibility and can specify the "usernameAttribute".  Since you are connecting to A/D, it sounds like you want the "sAMAccountName" to be the usernameAttribute.  This would remove the need to type in the @mydomain at the end of each username.  You can't use this with SSO though.  If you want to enable SSO (IWA) as Anthony mentioned above, you have to use the type "WINDOWS".