User login with UPN instead of sAMAccountName

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

User login with UPN instead of sAMAccountName

Akiko
I am very new to Shibboleth, so that please bare with me.
We are trying to configure the outlook think client and mobile device to connect O365.  Right now, if we login to Outlook with sAMAccountName (college wide ID)@tulsacc.edu, we are able to login, but we like to use UPN which is firstname.lastname@tulsacc.edu instead.  
We are looking at login.config and made several attempts by changing userFilter="userPrincipalName" or userFilter="(userPrincipalName={0})", but it does not authenticate with UPN. It only work when we use userFilter="(sAMAccountName={0})"

Here is our login.config

ShibUserPassAuth {

// Example LDAP authentication
// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass

     edu.vt.middleware.ldap.jaas.LdapLoginModule required

         ldapUrl="ldap://testnet.tulsacc.edu:3268"
         baseDn="DC=TESTNET,DC=TULSACC,DC=EDU"
         bindDn="CN=shibauth,OU=IT-Service Accounts,OU=People,DC=TESTNET,DC=tulsacc,DC=edu"
         bindCredential="Password"
         ssl="false"
         tls=”false”
        // userField=" userPrincipalName ";
    userFilter="(sAMAccountName={0})"
        //userFilter="(userPrincipalName={0})"
        //userFilter="(email={0})"
        //userFilter="(userPrincipalName={0}@testnet.tulsacc.edu)"
        //userFilter="(cn={0})"
       
        //userFilter="userPrincipalName={0}@testnet.tulsacc.edu)"
        //userRoleAttribute="userPrincipalName"
        //userField="userPrincipalName"
       
         subtreeSearch="true";

 

// Example Kerberos authentication, requires Sun's JVM
// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass
/*
   com.sun.security.auth.module.Krb5LoginModule required
      useKeyTab="true"
      keyTab="/path/to/idp/keytab/file";
*/

};

I will appreciate any help.
       
Akiko