Using User Principal Name instead of email address for MS ADFS federation SSO

Question

We have two AD groups, Staff and Students, one, Staff has on-prem email and the Active Directory emailaddress field is populated; the other, Students, has O365 email addresses and consequently they emailaddress field in AD is not populated. Therefore, to add Students to the Adobe Admin Console as users and use MS ADFS, we want to change the settings for authenticaiton from "emailaddress => emailaddress" to "User Principal Name => emailaddress" . Both AD groups have values that match the email format and will work but we are not getting any help from Chat not Expert sessions: they state why it is not working with Students not how to reconfigure it to use UPNs.

Does anyone have any experience with this?

alisterblack · Accepted Answer

Hi,Yes, this can be done by creating a custom Rule to set username instead of email as the login method in the directory config. Steps can be found in this document. See also https://helpx.adobe.com/ie/enterprise/kb/configure-microsoft-ad-fs-with-sso.html

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded