| Info |
|---|
You may set up configure Azure AD to use sAMAccountName (e.g. “username”) instead of userPrincipalName (e.g. “user.name@domain.com”) for your SCIM synchronization from Azure AD to your Confluence, Jira, Bamboo or Bitbucket installation. This is convenient if your existing installation is the users in your instance are already using sAMAccountName as the username keyattribute. |
If you already have already configured SCIM, do the following to use sAMAccountName instead of userPrincipalName as the username attribute.
...
Map sAMAccountName as the username attribute
In the Azure Portal, navigate to attribute mappings for your configured SCIM application. This is found under Provisioning > Edit attribute mappings in your configured SCIM application.
...
2. Under the Mappings section, click Provision Azure Active Directory Users
...
3. Change which source attribute is used as the userName by clicking the userName row and selecting the sAMAccountName Source attribute (this typically named something like sAMAccountName (extension_xxxxxx), where xxxxxx is a random string).
...
The last piece of the puzzle is to make the SAML response from Azure AD return the attribute to Kantega SSO during login. To do this, go to Single sign-on. Edit , edit the User Attributes & Claims and add a new claim with the attribute onpremisessamaccountname. In the case below. sAMAccountName example below, we named the claim sAMAccountName, and this can now be used as the Username attribute in the User lookup configuration in Kantega SSO.
...
Kantega SSO. After this change, do a test login in Kantega SSO and set the Custom username attribute to sAMAccountName (see below illustration):
...
Changes to the OIDC login configuration
Similarly to the above SAML example will have to be done A similar mapping as described above for SAML would need to be configured if you are using OIDC as your login protocol.
...