Chat now with support
Chat with Support

One Identity Safeguard for Privileged Sessions 6.0.10 - inWebo Multi-Factor Authentication - Tutorial

Mapping SPS usernames to inWebo identities

By default, SPS assumes that the inWebo username of the user is the same as the gateway username (that is, the username the user used to authenticate on SPS during the gateway authentication). To identify the users, SPS uses the username (login) field in inWebo, which is an email address.

If the gateway usernames are different from the inWebo usernames, you must configure the SPS inWebo plugin to map the gateway usernames to the inWebo usernames. You can use the following methods:

  • To simply append a string to the gateway username, configure the append_domain parameter. In this case, SPS automatically appends the @ character and the value of this option to the username from the session, and uses the resulting username on the inWebo server to authenticate the user. For example, if the domain is set as append_domain: example.com and the username is Example.User, the SPS plugin will look for the user Example.User@example.com on the inWebo server.

  • To look up the inWebo username of the user from an LDAP/Active Directory database, configure the [ldap] section of the SPS inWebo plugin. Typically, the SPS plugin queries the email address corresponding to the username from your LDAP or Active Directory database. For details on LDAP parameters, see [ldap].

  • If you configure both the append_domain parameter and the [ldap] section of the SPS inWebo plugin, SPS appends the @ character and the value of the append_domain parameter to the value retrieved from the LDAP database.

  • If you have configured neither the Domain parameter nor the [ldap] section, SPS assumes that the inWebo username of the user is the same as the gateway username.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating