Steps to Enable Exact UPN Format - Metasys - LIT-1201528 - General System Information - Metasys System - 12.0

Security Administrator System Technical Bulletin

Product name
Metasys System
Document type
Technical Bulletin
Document number
LIT-1201528
Version
12.0
Revision date
2022-08-05

About this task

Prior to Metasys Release 8.1, a hybrid UPN format that uses a username with the FQDN was the only UPN option available. An example of this hybrid UPN format is myUser@my.corp.com.

You can enable an exact UPN name authentication that does not require the FQDN. An example of this exact UPN format is myUser@corp.com.

Follow these steps to enable this authentication method:

Procedure

  1. Open Notepad by right-clicking and selecting Run as Administrator.
  2. In Notepad, click File > Open.
  3. Browse to C:\Program Files\Johnson Controls\MetasysIII\ws and right-click on the web.config file.
    Note: By default, the Metasys software and databases are installed to the C: drive. If you have customized the installation location, specify the location. For example, if you installed on drive E, use E:\.
  4. Click Open.
  5. Modify the following key under the<configuration><appSettings> section from false to true:
    <! --Whether to validate onexact UPN for Office365 style ActiveDirectory --><addkey="enableOffice365StyleActiveDirectoryAuthentication"value="true"></add>
  6. Save and close the web.config file.
  7. If SCT is not installed on the same computer as the Metasys server, restart the target server.
    If SCT is installed on the same computer as the as the Metasys server, continue to Step 7a.
    1. Open Notepad by right-clicking and selecting Run as Administrator.
    2. In Notepad, click File > Open.
    3. Browse to C:\Program Files\Johnson Controls\MetasysIII\Tool and right-click on the web.config file.
      Note: By default, the Metasys software and databases are installed to the C: drive. If you have customized the installation location, specify the location. For example, if you installed on drive E, use E:\.
    4. Modify the following key under the<configuration><appSettings> section from false to true:

      <! --Whether to validate onexact UPN for Office365 style ActiveDirectory --><addkey="enableOffice365StyleActiveDirectoryAuthentication"value="true"></add>

    5. Save and close the web.config file.
    6. Restart the target server.
  8. After editing the web.config files, you can begin adding Active Directory users with exact UPN usernames to the Metasys system using the Security Administrator System.