locked
Single sign on username problem RRS feed

  • Question

  • I am still in the testing stages of UAG and remote apps, and the problem arises when launching a remote app from the UAG portal.  single sign on is enable, however our domain usernames are of the form firstname<space>lastname, and this is replaced by firstname+lastname, eg. "domain\john smith" becomes "domain\john+smith" when trying to authenticate to the RDS server.  this inevitably fails and i have to log in manually, which kind of defeats the purpose of single sign on.

     

    is it possible to change this behaviour, and if so, how?

     

    thanks

    Wednesday, November 2, 2011 1:15 PM

Answers

  • I'm not sure this is the correct forum for this, as it doesn't sound like a FIM 2010 question.  I would recommend searching through http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads and posting your question there if you don't get anything here that helps.

    I would personally expect spaces in usernames to cause all manner of problems, not just with UAG.

    The only solution FIM 2010 could offer you, if you use it for account provisioning and management, would be to alter the sAMAccountName values and/or UPNs to remove the space or contain the plus instead of the space and make that your new standard.

    Speaking of UPNs, do they have a space in them, too?  (Never tried, don't know if it is even possible.)  If not, could you use them to log in instead of DOMAIN\username?  It looks like that can be changed in UAG.  See http://technet.microsoft.com/en-us/library/ee809087.aspx

    Hope that helps.  It's all I've got.

    Chris

    Wednesday, November 2, 2011 2:47 PM

All replies

  • I'm not sure this is the correct forum for this, as it doesn't sound like a FIM 2010 question.  I would recommend searching through http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads and posting your question there if you don't get anything here that helps.

    I would personally expect spaces in usernames to cause all manner of problems, not just with UAG.

    The only solution FIM 2010 could offer you, if you use it for account provisioning and management, would be to alter the sAMAccountName values and/or UPNs to remove the space or contain the plus instead of the space and make that your new standard.

    Speaking of UPNs, do they have a space in them, too?  (Never tried, don't know if it is even possible.)  If not, could you use them to log in instead of DOMAIN\username?  It looks like that can be changed in UAG.  See http://technet.microsoft.com/en-us/library/ee809087.aspx

    Hope that helps.  It's all I've got.

    Chris

    Wednesday, November 2, 2011 2:47 PM
  • thanks for the help - i'll repost my question somewhere more appropriate.  FYI, yes, the UPNs have spaces in them too.  i could change things a bit like you suggest, but i'd prefer not to meddle to that degree is UAG can deal with it.

     

    thanks again

    Wednesday, November 2, 2011 3:03 PM