locked
ADFS Login Without Domain RRS feed

  • Question

  • In ADFS 4.0 (Server 2016), is it possible to remove the domain prefix when logging in? Instead of users having to type domian\username, can it be set so they only have to type their username? When attempting to login to SSO without the domain prefix, users receive the following message:

    Enter your user ID in the format "domain\user" or "user@domain".

    Entering the domain name prefix allows them to login, but it would be much more user friendly if they could enter just their username.




    Wednesday, February 27, 2019 3:30 PM

Answers

  • If you enable "AlternateID", they could log in with their email address.

    Would that work?

    Wednesday, February 27, 2019 6:00 PM

All replies

  • If you enable "AlternateID", they could log in with their email address.

    Would that work?

    Wednesday, February 27, 2019 6:00 PM
  • I tried that by issuing the powershell command below (substituting the domains with our local domain):

    Set-AdfsClaimsProviderTrust -TargetIdentifier "AD AUTHORITY" -AlternateLoginID mail -LookupForests contoso.com,fabrikam.com

    It didn't seem to change anything. From what I can tell I applied the command correctly, but maybe I did it wrong. After applying the command I restarted the ADFS service still with no success.


    Wednesday, February 27, 2019 8:53 PM
  • I apologize, I reapplied the command and tested again and it now works with a email address.
    Wednesday, February 27, 2019 8:57 PM