1 Reply Latest reply on Apr 2, 2020 4:56 AM by Nawals

    Mapping of AD UPN to support vCenter smart card authentication possible?

    maxel Enthusiast

      Hi,

       

      we want to use smart card authentication in our vcenter. The problem we have, our PKI Infrastructure gives us user certificates (on the smart card) with Subject Alternative Name (SAN) extension principal name: firstname.lastname@domain1.com

       

      Our vcenter is authenticating against an other Microsoft AD, the UPN there is : ad-loginname@ad-domain.com

       

      So it will not work, because in documentation vcenter there is the requirement named:

      A User Principal Name (UPN) must correspond to an Active Directory account in the Subject Alternative Name (SAN) extension.

       

      So, how can we map this? firstname.lastname@domain1.com  = ad-loginname@ad-domain.com

       

      Best Regards

      Axel