SM_USER header value in IWA authentication scheme.

book

Article ID: 40906

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Question: 

When implementing IWA authentication and it seems that SM_USER is in the format of DOMAIN\UID. What is the solution to set the SM_USER to just UID? 

 

Environment:  

Policy server version: Any version that supports IWA authentication

Policy server OS: Windows 2008 R2, 

Webagent version: Any version

Webagenr Version: Windows 2008 R2

 

Answer: 

The header can be overwritten from a custom header response on

the get/post/etc named "SM_USER". Please follow the below steps:

- This would be a "SiteMinder Web Agent Response"

- The attribute will be "Web Agent HTTP Header Variable"

- The kind would be "User Attribute"

- The variable name would be "SM_USER"

- The attribute name is whatever you want to give, example: samaccountname

 

If you wish to change the value in the cookie we would need to either use a

custom module or open an enhancement request.

Environment

Release:
Component: SMIIS