This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

sAMAccountName OR UserPrincipalName Authentication

sAMAccountName OR UserPrincipalName Authentication

Go to solution
zachster47
New Contributor

‎03-21-2024 01:05 PM

Good day!

I've inherited a previously-configured wireless setup and I'm trying to enable the option of users authenticating through our NAC with either their UPN (first.last@email) or sAMAccountName (first.last). Currently, authentication will work with only the UPN format. I created a second LDAP Configuration identical to the UPN configuration, except with sAMAccountName in the user search attribute field with fall-through enabled, and added it to the authentication rules below the UPN. This ended up causing authentication with UPN to stop working, while the captive portal started accepting SAM logins, but would hang seemingly indefinitely.

I'm sure I'm missing something obvious, but I'm just stuck scratching my head at this point and couldn't find much documentation on the subject.

zachster47_0-1711050908619.png

 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Robert_Haynes
Extreme Employee

‎03-22-2024 05:26 AM

Please review https://extreme-networks.my.site.com/ExtrArticleDetail?an=000100630.

sAMAccountName is usually username format and not first.last formain. Any username@domain, username or domain\username formatted authentication should work against sAMAccountName.

userPrincipalName is commongly username@domain format only. If the username format does not match the sAMAccountName format (username vs first.last OR euser vs extreme.user@extremenetworks.com) we will likely not be able to support said deployment in this manner.

If you continue to experience issues in this space after playing around with the configuration please consider opening a support case w/ GTAC.

 

View solution in original post

1 REPLY 1

Go to solution
Robert_Haynes
Extreme Employee

‎03-22-2024 05:26 AM

Please review https://extreme-networks.my.site.com/ExtrArticleDetail?an=000100630.

sAMAccountName is usually username format and not first.last formain. Any username@domain, username or domain\username formatted authentication should work against sAMAccountName.

userPrincipalName is commongly username@domain format only. If the username format does not match the sAMAccountName format (username vs first.last OR euser vs extreme.user@extremenetworks.com) we will likely not be able to support said deployment in this manner.

If you continue to experience issues in this space after playing around with the configuration please consider opening a support case w/ GTAC.

 

GTM-P2G8KFN