An LDAP attribute value in the form of a User Principal Name (UPN) may be used as a direct source for a mainframe username or as an element in a search filter for a secondary LDAP directory.
Enter the name of the LDAP attribute in the authenticating directory that contains the UPN value. The UPN generally has the form auser@domain.com.
Management and Security Server identifies the UPN value used to authenticate, then the portion before the @ sign is used either
as the mainframe username itself (when the UPN is selected for mapping directly without the use of a secondary LDAP directory).
For example, a UPN of auser@domain.com would result in the mainframe username of "auser" (the portion before the @).
or
as an element in a search filter for a secondary LDAP directory.
Related topics