5.10.4 User Principal Name (UPN)

An LDAP attribute value in the form of a User Principal Name (UPN) may be used as a direct source for a mainframe username or as an element in a search filter for a secondary LDAP directory.

Enter the name of the LDAP attribute in the authenticating directory that contains the UPN value. The UPN generally has the form auser@domain.com.

Management and Security Server identifies the UPN value used to authenticate, then the portion before the @ sign is used either

  • as the mainframe username itself (when the UPN is selected for mapping directly without the use of a secondary LDAP directory).

    For example, a UPN of auser@domain.com would result in the mainframe username of "auser" (the portion before the @).

    or

  • as an element in a search filter for a secondary LDAP directory.

Related topics