Community

Issue with special characters in Azure Active Directory ldp guest usernames integrating with ArcGIS Online

2332
3
Jump to solution
06-30-2021 11:23 AM
FrankMartin1
by
New Contributor III
‎06-30-2021 11:23 AM

We've switched to using Azure AD authentication for ArcGIS Online.   For guest users (not in organization), Azure AD creates a username (User principal name) that includes special characters (#'s), ex. somebody.somewhere.org#EXT#@acme365.onmicrosoft.com.  This username cannot be use for the SAML ID when adding a member to ArcGIS Online.  See image below.

FrankMartin1_0-1625076819305.png

Has anyone seen this problem before, and is there a solution?

Thanks,

Frank

Tags (3)
0 Kudos
1 Solution

Accepted Solutions
DerekLaw
by Esri Esteemed Contributor
Esri Esteemed Contributor
‎08-01-2021 09:58 PM

Hi @FrankMartin1,

A couple of possible workarounds you could try:

"Try to use automatic user registration. Since you are creating new accounts for external users, you could turn on automatic registration, test automatic registration & login for each new account and then turn off auto registration.

Another way to workaround this, if you don’t want to enable auto user registration, would be to add members from a file: 

Email,First Name,Last Name,SAML ID,User Type,Role

user@org.com,Firstname,Lastname,username@org#EXT#@dept.company.com,Viewer,Viewer

This also will preserve the ‘#’ characters in the idpusername, while the username is normalized." 

Hope this helps,

View solution in original post

3 Replies
DerekLaw
by Esri Esteemed Contributor
Esri Esteemed Contributor
‎08-01-2021 09:58 PM

Hi @FrankMartin1,

A couple of possible workarounds you could try:

"Try to use automatic user registration. Since you are creating new accounts for external users, you could turn on automatic registration, test automatic registration & login for each new account and then turn off auto registration.

Another way to workaround this, if you don’t want to enable auto user registration, would be to add members from a file: 

Email,First Name,Last Name,SAML ID,User Type,Role

user@org.com,Firstname,Lastname,username@org#EXT#@dept.company.com,Viewer,Viewer

This also will preserve the ‘#’ characters in the idpusername, while the username is normalized." 

Hope this helps,

RenaudJOGUET92
by
New Contributor
‎09-22-2021 03:37 AM

Hello @DerekLaw ,
Does this solution work on Portal 10.9 (linux installation) ? We are not able to correct the problem on Portal 10.9 (with auto user registration disable and file)
Thanks,
Renaud

0 Kudos
DerekLaw
by Esri Esteemed Contributor
Esri Esteemed Contributor
‎10-04-2021 07:58 PM

Hi @RenaudJOGUET92,

Does this solution work on Portal 10.9 (linux installation) ? We are not able to correct the problem on Portal 10.9 (with auto user registration disable and file)

Apologies for the late reply. I don't have much experience working with ArcGIS Enterprise on Linux OS so I can't say if the solution will work. Please contact Esri Tech Support - they are the best folks to help you resolve your issue. Sorry.

 

0 Kudos