We have configured our ArcGIS Server/Enterprise 10.5.1 security with the following settings:
User Store: Windows domain
Role Store: ArcGIS server built-in
Authentication Tier: GIS server (We are restricted to using GIS-tier authentication so switching to a web-tier authentication config is not possible.)
Authentication Mode: ArcGIS tokens
I've noticed a behavior where services secured with the "Allow access to all users who are logged in" allow access to users who only enter their domain username. However, if the security is switched to "Allowed roles" users must enter DOMAIN\username. This seems logical looking at the user store - users are listed as DOMAIN\username. I'm just confused as to why this behavior occurs.
Has anyone with a similar configuration found a way to secure services down to the role level and allow users to enter only their domain usernames?