Feature request - Use UPN authentication in EM

[mortenr]

Hi

Setup: Enterprise Manager is installed on a dedicated VM and EM is only access remotely. Permissions are granted based on Active Directory group memberships.

In this case, local SAM database properties for a given domain user is rarely updated on the EM host, resulting in AD permission changes (e.g. change of group memberships) to take a very long time to be recognized. Sometimes 24 hours or more.
This is only when loggins in using SAM format (domain\username). If you log in using UPN format (username@domain), memberships are read directly from domain and reflected more of less instantly.
There is no option to trigger a local refresh of SAM database for all users. Above has been confirmed by support case 07380152.
This behaviour makes SAM based authentication practically useless in the given setup.

Please implement option to either:
-default to using UPN based authentication regardless of what format is given during login
-enable option to only allow UPN based authentication.

Best Regards
Morten Bonnerup Rasmussen

[Mildur]

Hi Morten,

Thank you. We will review the case and discuss your requests internally.

- default to using UPN based authentication regardless of what format is given during login

Do you mean we should look up the UPN from a provided "DOMAIN\USERNAME" and then change the login format when processing the user login?

Best,
Fabian