Highlighted
Enthusiast
Enthusiast

Mapping of AD UPN to support vCenter smart card authentication possible?

Hi,

we want to use smart card authentication in our vcenter. The problem we have, our PKI Infrastructure gives us user certificates (on the smart card) with Subject Alternative Name (SAN) extension principal name: firstname.lastname@domain1.com

Our vcenter is authenticating against an other Microsoft AD, the UPN there is : ad-loginname@ad-domain.com

So it will not work, because in documentation vcenter there is the requirement named:

A User Principal Name (UPN) must correspond to an Active Directory account in the Subject Alternative Name (SAN) extension.

So, how can we map this? firstname.lastname@domain1.com  = ad-loginname@ad-domain.com

Best Regards

Axel

0 Kudos
1 Reply
Highlighted
Expert
Expert

Have you gone through this vmware document to understand the prerequisites and configuration to enable smart card authentication..

Configuring and Using Smart Card Authentication

NKS Please Mark Helpful/correct if my answer resolve your query.
0 Kudos