How to use email or User Principle Name (UPN) instead of the Active Directory login?

Path Finder

We currently have our users log into Splunk using their Active Directory (AD) credentials, and specifically the SamAccountName field. In the LDAP strategies pane, there is an option for changing this field. I would like to use email or User Principle Name (UPN). Has anyone done this, and does it present a problem?


0 Karma

Splunk Employee
Splunk Employee

Yes, you can set authentication.conf > userNameAttribute to either "mail" or "userPrincipalName" and login with either.

In my test setup (which I confirmed this in), my email address is the username for both, and after setting it to the respective values, I was able to log in both times.

.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!