立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 6.9.3 - YubiKey Multi-Factor Authentication - Overview

[username_transform]

This section contains username transformation-related settings.

Declaration
[username_transform]
append_domain=<domain-without-@-character>

If you have configured [USERMAPPING], the [username_transform] process will run after the [USERMAPPING] process.

append_domain
Type: string (nonrequired, no default)
Required: no
Default: N/A

Description:

If the YubiKey service requires the use of domain name in the external YubiKey identity, configure the append_domain parameter in the [username_transform] section. In this case, SPS automatically appends the @ character and the value of this option to the username from the session, and uses the resulting username on the YubiKey server to authenticate the user. For example, if the domain is set to append_domain: example.com and the username is Example.User, the SPS plugin will look for the user Example.User@example.com on the YubiKey server.

If you configure both the append_domain parameter in the [username_transform] section and the [usermapping source=ldap_server] section of the SPS YubiKey plugin, SPS appends the @ character and the value of the append_domain parameter to the value retrieved from the LDAP database.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级