1 Reply Latest reply on Apr 2, 2020 4:56 AM by Nawals

    Mapping of AD UPN to support vCenter smart card authentication possible?

    maxel Enthusiast



      we want to use smart card authentication in our vcenter. The problem we have, our PKI Infrastructure gives us user certificates (on the smart card) with Subject Alternative Name (SAN) extension principal name: firstname.lastname@domain1.com


      Our vcenter is authenticating against an other Microsoft AD, the UPN there is : ad-loginname@ad-domain.com


      So it will not work, because in documentation vcenter there is the requirement named:

      A User Principal Name (UPN) must correspond to an Active Directory account in the Subject Alternative Name (SAN) extension.


      So, how can we map this? firstname.lastname@domain1.com  = ad-loginname@ad-domain.com


      Best Regards