Symantec Access Management

  • 1.  Effective Lookup in Siteminder User Store

    Posted Jun 18, 2015 05:54 PM

    Hi,

     

    We have a requirement where users are stored in LDAP as "userid@abc" and the user wants to enter only "userid" part on the Login Page as they are not aware of the Append in LDAP.

     

    Is it possible to somehow use the Effective Lookup feature in user store configuration screen so that SM appends the text "@abc" before doing the actual lookup. Any help is much appreciated as I could not find anything in documentation.

     

    (uid=ID-From-Login@abc)





  • 2.  Re: Effective Lookup in Siteminder User Store

    Posted Jun 19, 2015 11:16 AM

    identitymanager

     

    There are different ways one could accomplish this.

     

    Option-1 : You could embed the code logic on the loginpage to append @abc.com before posting the creds to login.fcc.

     

    Option-2 : Use SMWALKER as an authentication scheme WEDGE to manipulate / modify before doing a user disambiguation. Inorder to use SMWALKER you'll need to reach out to your Account Manager and procure the necessary Global Delivery Support / Licensing agreements.

     

    Option-3 : Try to define within the Authentication Scheme Effective Lookup, just like you mentioned. I personally haven't tried this, however a few trial & error should suggest this would work OR not. PROS, this would be very simple. CONS, it does not provide you any dynamic e.g. if there are users with @xyz what then (whereas the above 2 approaches does offer some flexibility)? Hence I would evaluate this solution based on longer term business needs rather than short term goals.

     

     

    Regards

     

    Hubert



  • 3.  Re: Effective Lookup in Siteminder User Store

    Posted Jun 22, 2015 12:34 PM

    Thanks Hubert!

     

    I will try option 3 and let you know how it goes.