Rowen Gunn Posted December 6, 2018 Share Posted December 6, 2018 Hello! I've just setup Netscaler MAS and while reviewing sign in errors I noticed about half of them are users trying to log into our SSLVPN or ICA gateway with their company email address not their username. We use LDAP with the domain preconfigured for the user to sign in so they just need to put in their username and password, email doesn't work. Is there a way I can configure authentication to work with both the user's username only and if they input their full company email address? Thanks! Link to comment Share on other sites More sharing options...
CarlStalhood Posted December 6, 2018 Share Posted December 6, 2018 Bind a second LDAP Policy but this time with userPrincipalName as the Server Logon Attribute. 1 Link to comment Share on other sites More sharing options...
Rowen Gunn Posted December 6, 2018 Author Share Posted December 6, 2018 4 minutes ago, Carl Stalhood1709151912 said: Bind a second LDAP Policy but this time with userPrincipalName as the Server Logon Attribute. Thanks Carl! I just found the KBA on it too from Citrix: https://support.citrix.com/article/CTX207284 1 Link to comment Share on other sites More sharing options...
Tim Hadlock Posted July 29, 2021 Share Posted July 29, 2021 I know this post is a bit dated but seems to directly apply to our environments. We have about 3 different environments and they all ask for something different (domain\username, username, email, etc.). However, currently our secondary is 2FA. With that said should I just set the 2 LDAP policies up in my primary authentication using different priorities since secondary is setup as RADIUS? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now