xg user portal - login with AD using email address instead of username (or both)

Hi,

Nowadays, many users are accustomed to providing their email address as "username" when authenticating.

In the Sophos XG user portal, this does not work, because XG then simply tries to authenticate to our AD with username user@domain.com and AD responds with NT_STATUS_NO_SUCH_USER. Effectively, only the plain username works.

Is there a way to tell XG to first SEARCH AD for user (match email address or samaccountname, or whatever) and then use the located user to authenticate as?

XG has configured a system user to connect to AD, so implementation could be relatively simple: no additional config required.

Are we missing something, or is this really not yet possible?



This thread was automatically locked due to age.
  • This is currently not possible, as the firewall will split up the SAMAccountname and match it against the domains. This implementation works fine until you have multiple users in different ADs (which are essentially different users). There are currently investigations to change this behavior to match the UPN.

    BTW: If you are planning to migrate to Azure AD, you will likely have to resolve this entire concept. So maybe you can look at this from an AD perspective to resolve this.

  • Hi!

    Thanks for your answer. It's a pity to read it. The "regular" way of handling LDAP is by doing a search for the user first, optionally even through multiple LDAPs / ADs. It's a pity that XG decided to handle things differently.

    Anyway: again thank you for your reply!
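
The search-then-bind flow described in the last reply, as an added example that is not part of the thread and is not Sophos code. The `search` and `bind` callables are hypothetical wrappers around whatever LDAP client is in use, and the directory entries are constructed sample data; the login value is escaped per RFC 4515 before it enters the filter, and an ambiguous match or an empty password is refused.

```python
import re

# RFC 4515: characters that must be written as \XX inside a filter value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    return "".join(_ESC.get(ch, ch) for ch in value)

def build_lookup_filter(login):
    """AD filter matching a user by sAMAccountName, UPN or mail."""
    v = escape_filter_value(login.strip())
    if not v:
        raise ValueError("empty login")
    return ("(&(objectCategory=person)(objectClass=user)"
            f"(|(sAMAccountName={v})(userPrincipalName={v})(mail={v})))")

def authenticate(login, password, search, bind):
    """search(filter) -> list of DNs and bind(dn, password) -> bool are
    caller-supplied (hypothetical) wrappers around the LDAP client in use."""
    if not password:        # DN + empty password is an unauthenticated bind (RFC 4513)
        return False
    matches = search(build_lookup_filter(login))
    if len(matches) != 1:   # unknown user, or ambiguous across directories
        return False
    return bind(matches[0], password)

# --- constructed sample directory and stand-ins for search/bind ---
USERS = [
    {"dn": "CN=Alice,OU=Staff,DC=example,DC=com", "sAMAccountName": "alice",
     "userPrincipalName": "alice@example.com", "mail": "alice.a@example.com", "pw": "s3cret"},
    {"dn": "CN=Bob,OU=Staff,DC=example,DC=com", "sAMAccountName": "bob",
     "userPrincipalName": "bob@example.com", "mail": "bob@example.com", "pw": "hunter2"},
]

def fake_search(flt):
    # Minimal evaluator for the OR group only; a raw '*' acts as a wildcard.
    hits = set()
    for attr, raw in re.findall(r"\((sAMAccountName|userPrincipalName|mail)=([^()]*)\)", flt):
        pat = "".join(".*" if p == "*" else re.escape(
            re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), p))
            for p in re.split(r"(\*)", raw))
        hits |= {u["dn"] for u in USERS if re.fullmatch(pat, u[attr], re.I)}
    return sorted(hits)

def fake_bind(dn, password):
    return any(u["dn"] == dn and u["pw"] == password for u in USERS)
```
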