To support username alias, follow the steps below
- Create a special registry key
On the Windows client PC, create the registry key below:
HKEY_LOCAL_MACHINE\SOFTWARE\Deepnet Security\Computer Logon
Then, add a string value named “logon_format”. The value can be anything you like, but you need to have a fixed pattern.
For instance, the value starts with “winlogon-“ followed by the Netbios name and the username, i.e. “winlogon-%netbios%-%username%
There are 3 wildcards below you can use:
- %netbios%
- %dns%
- %username%
- Create an Identity Attribute for Alias
In the DualShield MFA server, create a new Identity Attribute and name it whatever you like, such as “WinAlias”. You can make it an internal Identity Attribute or an External Attribute
- Set Alias for each user
For each user, you need to set the value of the Alias Identity Attribute. The value must follow the same format/pattern as the “logon_format”. For example: “winlogon-ibm-jdoe” for the user “jdoe” in the “ibm” organization.
- Setup the User Identity policy
Edit the User Identity policy, set the Regular Expression Rule 1 according to the “logon_format”, e.g. “winlogon-.*