cancel
Showing results for 
Search instead for 
Did you mean: 

Active Directory: I need to append a FQDN to the userid

Highlighted
Occasional Contributor

Active Directory: I need to append a FQDN to the userid

When my customer Joe comes to his office and uses his intranet desktop, he logs into Active Directory by typing "group\joe" in the username field of his Windows XP machine login window.

But actually, "group" is an alias of the real FQDN "group.emea.mycorp". I am not a Windows expert, but somehow his XP operating system manages to append the DNS "emea.mycorp" string before sending user credentials to the AD domain controller for validation.

Now that his company is deploying the SA6500 appliance, he wants to replicate the same experience when reaching the company from the Internet through the appliance. When prompted for the username by the Juniper SA, he wants to type "group\joe" and be validated by the AD controller.

I found that if he types "group.emea.mycorp\joe", the SA appliance receives a successful answer from the AD controller, but if he types "group\joe", then the transaction fails. For the time being, his group is typing the entire FQDN to work this problem around, but they consider this annoying.

ÀIs there a chance to tailor the SA configuration to ask the appliance to append a string the username before sending the userid to the AD controller?

Thank you very much in advance

Rogelio Alvez

ralvez@tiagora.com

Argentina

2 REPLIES 2
Highlighted
Respected Contributor

Re: Active Directory: I need to append a FQDN to the userid

you can use either the domain\username option, which does not bind the pc to the domain, or you can use the LDAP servertype and use userprinciplename

Highlighted
Regular Contributor

Re: Active Directory: I need to append a FQDN to the userid

What is the type of authentication server configured on the sa

is it AD or LDAP

If it is AD auth server configuration in SA enable "Allow domain to be specified as part of username"