Can we configure SiteMinder to log in by using the email address rather than the username?

Document ID : KB000051443
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Most of the time, in a standard SiteMinder implementation, we are using the username or common name to login to an application.

In some implementations you may want to use the email address (or any other user attribute like givenname, uid, cn, mail etc) to authenticate into a user directory and use this email address as your identifier on a portal.

Solution:

In Order for SiteMinder to Authenticate/authorize a user using Email (or any user attribute like mail, givenname, uid, cn etc) and not by username then perform the following settings in SiteMinder Policy server Admin UI :

  1. Go to the SiteMinder Policy server User Directory Properties

  2. Change the setting of the user directory setup and give LDAP User DN Lookup as:
    (mail=))

Note:

In case of Active Directory used as User store, you can setup:
LDAP User DN Lookup: (&(objectclass=person) (mail=))

Similarly, you can give other user attributes (like cn, uid, givenName) to enable SiteMinder to authenticate/authorize against these attributes.