Using NTLM auth sm_user set to domain-name/userID instead of only userID (Legacy KB ID: 186760)

Document ID : KB000054840
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Using NTLM authentication, the sm_user variable is set the to domain-name/userID instead of only the userID.

FoundScan is one application relying on this value, possible enhancement request.


Solution:

By default, Siteminder will have the domain\username format in SM_USER. But this can be overridden by setting a Siteminder response. You will need to create a response for any realm where you want this functionality. The Variable Name for the response is SM_USER. The Variable Value for the response is NTUSERNAME. This will overwrite the standard SM_USER value with a format of just the username, with no domain\ preceding it.

Note:

This is applicable for the NTLM auth scheme and NOT the extended NTML auth scheme.