3.4 Specifying the target user
The user identifier passed to the MyID server is based on the Windows logon name of the user. This is then matched against the SAM Account Name stored for the user in the MyID database.
You can change how the system handles the user identifier in the following ways:
-
Set the /un option on the command line of the Self-Service App to the logon name you want to use.
-
To change the identifier that is passed to the web services, set the Windows environment variable MYID_USERNAME to the identifier you want to use. This value is used instead of the Windows logon name for all users on the PC.
Note: This environment variable has no effect if you launch the Self-Service App using a hyperlink. To specify a different logon name, you must use the /un command line option instead.
-
To change which MyID field the identifier is matched against, alter the ws_LogonJobs view in the MyID database to change the definition of the UserIdentifier field to point to a different field. This allows you to compare the user identifier to a field other than the SAM Account Name for the user.
Note: Any installation of a MyID update may affect the ws_LogonJobs view in the MyID database; after you update MyID, you must check the ws_LogonJobs view in the database and, if necessary, re-apply any customizations.
Note: In addition to the Windows logon name, MyID also passes the User Principal Name from the client and attempts to match this against the UPN stored for the user in the MyID database; however, if you use the /un command line option or the MYID_USERNAME environment variable to override the Windows logon name taken from the client, MyID does not pass the User Principal Name from the client.
3.4.1 Case sensitivity
-
When MyID matches the User Principal Name from the client against the UPN stored in the database, it carries out a case-insensitive match.
-
When MyID matches the Windows logon name against the SAM Account Name stored in the database, it carries out a case-insensitive match.
-
When MyID matches the username provided by the /un command line option or the MYID_USERNAME environment variable against the SAM Account Name stored in the database, it carries out a case-insensitive match.
3.4.2 Disabling UPN and SAMAccountName checks for the Self-Service App
If you launch the Self-Service App without the /un parameter and there is no MYID_USERNAME environment variable configured, by default, MyID carries out a series of checks, including attempts to find:
-
The User Principal Name (UPN) obtained by the client, which is the UserPrincipalName in the database.
-
The SAM Account Name obtained by the client, which is the SAMAccountName in the database.
If you do not have a UPN or SAM Account Name, these checks fail, and you cannot view your jobs in the Self-Service App.
To remedy this, you can set the Ignore UPN and SAMAccountName checks for Self-Service jobs configuration option (on the Self-Service page of the Security Settings workflow) to Yes, and MyID ignores the UPN and SAM Account Name checks, allowing you to view your available jobs.