Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-2704

Providing alternate ways of providing Azure userPrincipalName instead of auto generating

    XMLWordPrintable

Details

    • New Feature
    • Status: Resolved
    • Minor
    • Resolution: Unresolved
    • None
    • 2.5.27
    • None
    • None

    Description

      Hi,

      It was great news when azure provisioner was announced today with support for Unified groups. I was waiting to use it, but one small restriction does not make it usable for us. It looks like userPrincipalName is generated from <uid>@<tenant.id>. There is an option to configure the first part, but looks like the second part is not configurable. 

      We use AzureADSync to sync our users and the userPrincipalName in our case is yale.edu but the tenant id is yaleedu.onmicrosoft.com. The cloud users will have the later as a suffix to there userPrincipalName, but user synchronized from on-premise AD using Azure AD sync will have yale.edu as the suffix. 

      Would it be possible to provide a possible list of domain values for the UPN suffix, and maybe a priority order to try to find a user or at least provide a way to specify the Azure UPN as a attribute on the subject directly so that the code does not have to generate the UPN

      Thanks,

      Amit 

      (Yale University)

       

      Attachments

        Activity

          People

            chad.redman@at.internet2.edu Chad Redman (unc.edu)
            amit.poddar.2@at.internet2.edu Amit Poddar
            Chris Hyzer (upenn.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:

              Smart Checklist