12-30-2021 03:55 AM
Hi everyone,
im using active directory as authentication source to protect our horizon application using generic service provider, the issue we are facing is our username and email address are diffrent. for example our username in duo is test and our email in AD is test.jhon@example.com , so when we change the duo username same to our AD email authentication is working fine, but if username in duo is different from email in AD , SAML is not allowing us to login, i’m using mail attribute in single sign on active directory configuration on duo portal, any help or suggestion
Solved! Go to Solution.
01-03-2022 01:34 PM
Hi Kristina
Thanks for your response, I’ve added duo alias but it is not working. now i’m using sAMAccountName as Duo username attribute in single sign on configuration and change the application protection Nameid format to unspecified and Nameid attribute to username and it is working fine now.
01-01-2022 09:07 AM
You can set the email address as a username alias in Duo (so for the Duo user “test” add a username alias of “test.jhon@example.com”.
You can import username alias values from AD into Duo with directory sync. In the sync configuration set the source attribute for username alias 1 to mail.
01-03-2022 01:34 PM
Hi Kristina
Thanks for your response, I’ve added duo alias but it is not working. now i’m using sAMAccountName as Duo username attribute in single sign on configuration and change the application protection Nameid format to unspecified and Nameid attribute to username and it is working fine now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide