locked
Token Portal Username in Multi Domain Environments RRS feed

  • Question

  • What's the easiest way to manage this? I.e. when I want to show the current logged in user their details but my cmdb contains users in multiple domains with identical usernames.

    It's an odd thing the token as if mapped to a text field you are shown the domain\username however when trying to use it within a query results it only uses the username

    Tuesday, August 15, 2017 9:34 AM

Answers

  • Hmmm ... this sounds like a AD design/naming convention with room for improvement ;-)

    But anyway:

    The token only contains the username and not he domain. That's the way we have to deal with.

    The only option I can see is a simple list with the 2 domains in the Request Offering and the user has to pick the name of the domain. The selected domain together with the username you can use to discover the "reports to person" of the user.

    Don't know if it's working for you and easier for the users: Instead of the domain you can maybe ask for Company Name or City or whatever makes sense to differ between the 2 domains.

    I don't see any other chance how SCSM can make a difference between a\dsmith (David Smith) and b\dsmith (Dean Smith).

    Hope this helps.


    Andreas Baumgarten | H&D International Group

    Wednesday, August 16, 2017 12:10 PM

All replies

  • Hello,

    It would be better for us to analysis this issue if you post the query you used. 

    Based on my understanding, if those user credentials are stored with domain\username pattern, you should get the same pattern when run SQL query against the database. 

    Regards,

    Yan


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, August 16, 2017 2:42 AM
  • I am not talking about SQL queries. I'm talking about using the 'Query Results' option when creating a request offering. If I want to see the users the logged in user manages I can use the 'token portal username' to insert the current logged in user as a filter, however this only works if the username is unique, which it often isn't in a multi-domain environment
    Wednesday, August 16, 2017 9:11 AM
  • The domain of the logged in user is random? Or it's always a specific (the same) domain the user account is logging in the portal?

    Andreas Baumgarten | H&D International Group

    Wednesday, August 16, 2017 11:06 AM
  • Say I have 2 domains , a.local and b.local. There is a 2 way trust between the domains and they can both access the portal. In a.local I have David Smith with username dsmith. In b.local I have Dean Smith with username dsmith.

    I have a request offering which returns the direct reports of the currently logged in user using the token portal username component. I open the request offering as David. The request offering shows Davids direct reports and Deans direct reports because they have the same username. 

    What I am trying to find out is if there's a way of distinguishing between the 2 users as the token:portal username doesn't include a domain component.

    Does that make sense?

    Wednesday, August 16, 2017 11:15 AM
  • Hmmm ... this sounds like a AD design/naming convention with room for improvement ;-)

    But anyway:

    The token only contains the username and not he domain. That's the way we have to deal with.

    The only option I can see is a simple list with the 2 domains in the Request Offering and the user has to pick the name of the domain. The selected domain together with the username you can use to discover the "reports to person" of the user.

    Don't know if it's working for you and easier for the users: Instead of the domain you can maybe ask for Company Name or City or whatever makes sense to differ between the 2 domains.

    I don't see any other chance how SCSM can make a difference between a\dsmith (David Smith) and b\dsmith (Dean Smith).

    Hope this helps.


    Andreas Baumgarten | H&D International Group

    Wednesday, August 16, 2017 12:10 PM
  • It does! Customer seems to be holding onto some fairly ancient practices (resource domain!!!) which makes it all the more difficult.

    Yeah I didn't think there was any other way of doing it apart from a pre-filter at the top or creating multiple request offerings with the domains hard coded (last thing we want is for the user to select the wrong one!) for each one.

    I just found it odd that if you map the portal username token to a text field it is shown in the format of domain\username yet using it in a request offering query filter just presents the username which is why I thought there may be another way around it that didn't involve user interaction (like a piece of js which automatically populates the current users domain into a specified text box or something)

    Wednesday, August 16, 2017 12:17 PM