Siebel Security Guide > Security Adapter Authentication > Security Adapter Deployment Options >

Configuring Adapter-Defined User Name

You can configure your authentication system so that the username presented by the user and passed to the directory to retrieve a user's database account is not the Siebel user ID. For example, you might want users to enter an adapter-defined user name, such as their Social Security number, phone number, email address, or account number. The security adapter returns the Siebel user ID of the authenticated user and a database account from the directory to the authentication manager.

The adapter-defined user name option can be implemented in the following authentication strategies:

• Security adapter authentication: LDAP, ADSI, custom (not database authentication)
• Web SSO authentication

The adapter-defined user name must be stored in one attribute in your directory, while the Siebel user ID is stored in another attribute. For example, you might have users enter their telephone number, stored in the telephonenumber attribute, while their Siebel user ID is stored in the uid attribute.

The UsernameAttributeType configuration parameter defines the directory attribute that stores the username that is passed to the directory to identify the user, whether it is the Siebel user ID or an adapter-defined user name. The OM - Username BC Field (alias UsernameBCField) parameter for the AOM defines the field of the User business component that underlies the attribute specified by UsernameAttributeType.

Even if other requirements to administer user attributes in the directory through the Siebel client are met, you must also set the UsernameAttributeType parameter for the security adapter, and set the OM - Username BC Field parameter. If you do not define these parameters appropriately, changes through the Siebel client to the underlying field are not propagated to the directory.

For example, for users to log in with their work phone number, you must specify UsernameAttributeType to be the directory attribute in which the phone number is stored, for example, telephonenumber, and you must define OM - Username BC Field to be Phone #, the field in the User business component for the work phone number.

The following procedure outlines how to configure an adapter-defined user name.

To configure an adapter-defined user name

1. For each security adapter (such as LDAPSecAdpt) that implements an adapter-defined user name, define the following parameter values:

   Parameter	Value
   UseAdapterUsername	TRUE
   SiebelUserNameAttributeType	The attribute in which you store the Siebel user ID, such as uid (LDAP), or sAMAccountName (ADSI).
   UsernameAttributeType	The attribute in which you store the adapter-defined user name, such as telephonenumber.

   For information about setting Siebel Gateway Name Server configuration parameters, see Siebel Gateway Name Server Parameters. For Developer Web Client, define these parameters in the corresponding section in the application configuration file, such as uagent.cfg for Siebel Call Center.

2. Determine the field on the User business component that is used to populate the attribute in the directory that contains the adapter-defined user name.

   The AOM parameter to be populated is OM - Username BC Field.

   For information about working with Siebel business components, see Configuring Siebel Business Applications. For information about working with configuration parameters, see Siebel System Administration Guide.

3. Using Siebel Server Manager, specify the User business component field name as the value for the OM - Username BC Field parameter. You can provide this value at the Enterprise, Siebel Server, or component level. If this parameter is not present in the parameters list, add it.

   NOTE:  The OM - Username BC Field parameter is case sensitive. The value you specify for this parameter must match the value specified for the parameter in Siebel Tools.

   If you do not specify a field in the OM - Username BC Field parameter, the Siebel security adapter assumes that the Login Name field of the User business component (the Siebel user ID) underlies the attribute defined by the UsernameAttributeType parameter.

For information about setting Siebel configuration parameters, see Configuration Parameters Related to Authentication.