cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Using User Principal Name instead of email address for MS ADFS federation SSO

WayneSD43
New Here ,
Oct 30, 2019 Oct 30, 2019

Copy link to clipboard

Copied

We have two AD groups, Staff and Students, one, Staff has on-prem email and the Active Directory emailaddress field is populated; the other, Students, has O365 email addresses and consequently they emailaddress field in AD is not populated. Therefore, to add Students to the Adobe Admin Console as users and use MS ADFS, we want to change the settings for authenticaiton from "emailaddress => emailaddress" to "User Principal Name => emailaddress" . Both AD groups have values that match the email format and will work but we are not getting any help from Chat not Expert sessions: they state why it is not working with Students not how to reconfigure it to use UPNs.

Does anyone have any experience with this? 

 

TOPICS
Identity and SSO , Troubleshooting

Views

1.5K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

alisterblack Adobe Employee
Adobe Employee , Nov 04, 2019 Nov 04, 2019

Hi,

Yes, this can be done by creating a custom Rule to set username instead of email as the login method in the directory config. Steps can be found in this document. See also https://helpx.adobe.com/ie/enterprise/kb/configure-microsoft-ad-fs-with-sso.html

 

 

 

Votes

Translate

Translate
replies 2 Replies 2
latest latest Jump to latest reply
alisterblack Adobe Employee
Adobe Employee ,
Nov 04, 2019 Nov 04, 2019

Copy link to clipboard

Copied

Hi,

Yes, this can be done by creating a custom Rule to set username instead of email as the login method in the directory config. Steps can be found in this document. See also https://helpx.adobe.com/ie/enterprise/kb/configure-microsoft-ad-fs-with-sso.html

 

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
WayneSD43
New Here ,
Nov 07, 2019 Nov 07, 2019

Copy link to clipboard

Copied

LATEST
In Response To alisterblack

Alister, thank  you for your how-to it was just what we needed. Why, pray tell, were the Adobe support staff unable to provide guidance when asked? ( rhetorical question, no answer expected)

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
In Case You Missed It...
Enterprise and teams | Updates and releases | ICYMI...
User Guides
Administration User Guide
Shared Device Licensing | Deployment guide
Named User Licensing Migration Guide
Important Information
Community Guidelines
Admin Console Status
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices