Jump to content
Welcome to our new Citrix community!

nFactor - Pass sAMAccountName to next factor when logon using UPN

Phil Dusome 2

Recommended Posts

- I'm doing AoVPN where user is logging on to machine using UPN, e.g., first.last@mydomain.com, this is passed to gateway as first factor.

- Second factor is using RADIUS where the token is paired with the user's  SAM.  The SAM does not resemble the UPN, e.g. last07.

- Extracting the SAM is fairly easy.  On the LDAP server, I just specify samAccountName as SSO Name Attrinute.


For the second factor, how do I "send" SAM for username rather than UPN?


Link to comment
Share on other sites

The resolution:

- add samAccountName for Attribute 1 on the LDAP server for UPN

- for the RSA factor, use the prefill schema as a base and  customize to use ${http.req.user.attribute(1)} as initial value for username. 


Ideally the field would be hidden, but I'll figure that out later.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...