UAG smart card authentication plus kcdauthentication true RRS feed

  • Question

  • Hi

    I have already setup smart card certificate authentication to UAG portal. I'm using certificate's field Subject Alternative Name and RFC822 Name to read UPN information. It says 'RFC822 Name=firstname.lastname@Company.com'. That information i'm comparing to AD account's mail attribute. Authentication works ok.

    In Active Directory, samaccount is created from UPN's first part: firstname.lastname. So far i have been able to use kcdauthentication and create valid kerberos ticket which is acceptable for delegation.

    Customer changed their samaccoun to a different form. KCD does not work anymore. I've tried to use regkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\von\UrlFilter\KCDUseUPN,1. It does not work.

    I have no idea how to change from inc files that do not use samaccount but instead us UPN. UPN matches mail.

    Any ideas ?

    thanks in advance :)

    br -teemu

    Thursday, November 13, 2014 1:06 PM

All replies