lsemmes

Using AD but unable to get user's "real name" in their Portal for ArcGIS profiles

Discussion created by lsemmes on Nov 14, 2013
Latest reply on Dec 11, 2013 by crafty762
We found documentation on Portal (see below) for getting a personâ??s â??real nameâ?? vs. their id in their Portal for ArcGIS profiles. However after verifying with our Active Directory team and checking the configuration file in Portal it appears to already be set in the way that would theoretically work â?? however we are only getting the userâ??s ID. Anybody else see this before?

In the Portal documentation to use a personâ??s â??real nameâ?� (such as Jane Doe), there is a reference to the portal-config.properties file in /arcgisportal/arcgis/portal/etc on our portal server.
1. Alter the IDP settings to use Windows Active Directory.
a. Keep the idp.type set to WINDOWS.
b. Set the idp.ad.user to the Windows Active Directory account login that has read access to the domain.
Note:
If the account name or password contains dot (.), comma (,), or backslash (\) characters, you must place a backslash in front of each character. The backslash serves as an escape character.
c. Set the idp.ad.userpassword to the password for the Windows Active Directory account password.
d. Set the idp.ad.user.fullnameattribute to the Active Directory attribute that contains people's real name, such as Jane Doe. This value is used to correctly populate people's full names in their Portal for ArcGIS profiles. This must be provided by your administrator.
e. Set the idp.ad.user.emailattribute to the Active Directory attribute that contains people's email addresses. This is used in people's profiles. This differs from organization to organization; therefore, this must be provided by your Active Directory administrator. If this is not provided, Portal accounts will still work, but personal profiles will not contain email addresses.
f. Verify that the idp.userpassword.encrypted property is set to false.
The properties will look similar to the following after you make your changes:
idp.type=WINDOWS
idp.ad.user=mydomain\\readaccount
idp.ad.userpassword=Abcd1234
idp.ad.user.fullnameattribute=cn
idp.ad.user.emailattribute=mail
idp.userpassword.encrypted=false

Outcomes