Currently, we can play with the username provided by the credential objects when setting up a new connection with the "Omit Windows Domain" option to allow the use of Windows domains logins with a wide range of applications that don't recognize the full DOMAIN\Username form.
Today, there is a lot of new applications using LDAP/ADFS authentications schemes that *need* a username using an email address form or a registered ActiveDirectory UPN (User Principal Name) like [email protected].
That's the case of Office365 portal that use email addresses but some apps use it with internal DNS AD domains...
Unfortunately, RoyalTS only recognize the DOMAIN\Username form when you want to use the $EffectiveUsernameWithoutDomain$ token! The backslash character is used to split the string...
Is there any plan to support UPN logins with tokens and pass to connections either:
"domain.tld" can refer to the famous "contoso.com" domain like a worldwide registered domain (can be used for ActiveDirectory sometimes) or an internal ActiveDirectory domain like contoso.local...
Maybe new settings in the document and/or credential object for defining the default domain (internal/external) values can be used to define how to split the username if it contains a @ symbol ?
On my side, I can have to use either [email protected], alptis\username, [email protected] or username to log on different apps/servers/services
A single credential object and tokens aware of those variants would be great!
(Especially if you have expiring passwords to change every X days and don't want to change a lot of credentials :p)
This thread is open to comments to share your use cases ! :-)
1 Comment
Stefan Koell
said
over 7 years ago
Hi Nicolas,
if I understand your requirement correctly, would it help extending the $EffectiveUsernameWithoutDomain$ to behave like this:
if the username contains a @ character, take everything before the @ character as username
if the username contains a \ character, take everything after the \ character as username
The same would apply to the checkbox "Omit Windows Domain" but I would then rename the option to be called "Omit Domain".
GRIMLER Nicolas
Hi Stefan !
Currently, we can play with the username provided by the credential objects when setting up a new connection with the "Omit Windows Domain" option to allow the use of Windows domains logins with a wide range of applications that don't recognize the full DOMAIN\Username form.
Today, there is a lot of new applications using LDAP/ADFS authentications schemes that *need* a username using an email address form or a registered ActiveDirectory UPN (User Principal Name) like [email protected].
That's the case of Office365 portal that use email addresses but some apps use it with internal DNS AD domains...
Unfortunately, RoyalTS only recognize the DOMAIN\Username form when you want to use the $EffectiveUsernameWithoutDomain$ token! The backslash character is used to split the string...
Is there any plan to support UPN logins with tokens and pass to connections either:
- DOMAIN\Username or domain.tld\Username
- [email protected]
- username
"domain.tld" can refer to the famous "contoso.com" domain like a worldwide registered domain (can be used for ActiveDirectory sometimes) or an internal ActiveDirectory domain like contoso.local...
Maybe new settings in the document and/or credential object for defining the default domain (internal/external) values can be used to define how to split the username if it contains a @ symbol ?
On my side, I can have to use either [email protected], alptis\username, [email protected] or username to log on different apps/servers/services
A single credential object and tokens aware of those variants would be great!
(Especially if you have expiring passwords to change every X days and don't want to change a lot of credentials :p)
This thread is open to comments to share your use cases ! :-)