Greetings. I am setting up IdentityNow with a pass-through authentication with Active Directory. I am not quite clear on the usage of authentication search attributes which are set up on the AD connector. The way documentation reads (at least for IIQ), these attributes define what you can type in on the login screen for the Username value. For example, if my authSearchAttributes = sAMAccountName, then I should be able to use sAMAccountName value as the Username on the login screen, even though the UID in IdentityNow is something else (employee ID). But it does not work. It only works if I put in employee ID as the Username. What is the point of authSearchAttributes then?
We need to be able to keep the UID (IdentityNow name) and the Username that users log on with different.
Any insight is much appreciated.