Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
borderColor#145570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#145570
borderStylesolid
titleSecureAuth IdP Configuration Steps
UI Text Box
typenote

Select the type of directory integration used for the Forgot Username realm and follow the appropriate steps

UI Tabs
UI Tab
titleLDAP Directories (AD and others)
Panel
borderColor#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#126591
borderStylesolid
titleData
UI Text Box
typeinfo

This is a configuration example using an Active Directory integration and common data fields, so it is not universal for every enterprise data store, but may be used as a reference to other LDAP directory types

Section
Column
width50%

Column
width50%

 

1. In the Membership Connection Settings section, change the searchFilter to accept the user's email address on the initial login page (instead of the username)

This would correspond to the field in the enterprise directory that contains the email address, e.g. (&(mail =%v)(objectclass=*))

2. Set the Search Attribute to the directory attribute that contains the user ID to be retrieved

UI Text Box
typeinfo

Once the end-user authenticates, the ID from the Search Attribute is provided as the forgotten username

Move onto step 5

UI Tab
titleSQL-type Data Stores
UI Text Box
typeinfo

This is a configuration example using a SQL Data Store integration and common properties, so it is not universal for every enterprise data store, but may be used as a reference to other SQL-type data stores (Oracle, ASP.net, ODBC, others)

UI Text Box
typenote

If configuring a realm with an ASP.net database integration, then follow these steps and refer to the ASP.net Required Steps section following step 4

Panel
borderColor#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#126591
borderStylesolid
titleSQL Data Store Configuration Steps

1. In the SQL data store, create new Stored Procedures that are specific for the Forgot Username realm, using email (or another preferred property) as the user ID

Using SecureAuth's provided Stored Procedures and Tables, replace the Stored Procedure name with a friendly name, e.g. replace GetUser with GetUserByEmail in sp_GetUser: sp_GetUserByEmail

This differentiates the Stored Procedure from the others that employ the username as the User ID

Replace UserName with Email1 in WHERE UserName = @UserName: WHERE Email1 = @UserName

This tells SecureAuth IdP to employ the user's email address stored in Email 1 as the user ID

Code Block
languagesql
CREATE PROC [dbo].[sp_GetUserByEmail] @UserName VARCHAR(60)
AS
BEGIN
    SELECT [UserName]
        ,ISNULL([GroupList], '')
        ,ISNULL([PwdLastSet],'1/1/1900')
        ,ISNULL([AccountStatus], '')
    FROM UserTable
    WHERE Email1 = @UserName
END
UI Text Box
typeinfo

Shown as an example is the Get User Stored Procedure, which must be updated for this realm

The following Stored Procedures must be updated in the same manner, but with unique, friendly names:

  • Get User (new name: GetUserByEmail)
  • Get Profile (new name: GetProfileByEmail)
  • Update Profile (new name: UpdateProfileByEmail)
  • Validate / Get Password, required only if the user's password is required in the workflow to retrieve the forgotten username (new name: ValidatePasswordByEmail / GetPasswordByEmail)
Code Block
languagesql
CREATE PROC [dbo].[sp_GetProfileByEmail] @UserName VARCHAR(60)
AS
BEGIN
    SELECT UserName
        ,IsNull(FirstName, '') FirstName
        ,IsNull(LastName, '') LastName
        ,IsNull(Phone1, '') Phone1
        ,IsNull(Phone2, '') Phone2
        ,IsNull(Phone3, '') Phone3
        ,IsNull(Phone4, '') Phone4
        ,IsNull(Email1, '') Email1
        ,IsNull(Email2, '') Email2
        ,IsNull(Email3, '') Email3
        ,IsNull(Email4, '') Email4
        ,IsNull(AuxID1, '') AuxID1
        ,IsNull(AuxID2, '') AuxID2
        ,IsNull(AuxID3, '') AuxID3
        ,IsNull(AuxID4, '') AuxID4
        ,IsNull(AuxID5, '') AuxID5
        ,IsNull(AuxID6, '') AuxID6
        ,IsNull(AuxID7, '') AuxID7
        ,IsNull(AuxID8, '') AuxID8
        ,IsNull(AuxID9, '') AuxID9
        ,IsNull(AuxID10, '') AuxID10
        ,IsNull(pinHash, '') pinHash
        ,IsNull(Questions, '') Questions
        ,IsNull(Answers, '') Answers
        ,IsNull(ChallengeQuestion, '') ChallengeQuestion
        ,IsNull(ChallengeAnswer, '') ChallengeAnswer
        ,IsNull(CertResetDate, '1/1/1900') CertResetDate
        ,IsNull(CertCount, 0) CertCount
        ,IsNull(CertSerialNumber, '') CertSerialNumber
        ,IsNull(MobileResetDate, '1/1/1900') MobileResetDate
        ,IsNull(MobileCount, 0) MobileCount
        ,IsNull(ExtSyncPwdDate, '1/1/1900') ExtSyncPwdDate
        ,IsNull(HardwareToken, '') HardwareToken
        ,IsNull(iOSDevices, '') iOSDevices
        ,IsNull(OATHSeed, '') OATHSeed
        ,IsNull(OneTimeOATHList, '') OneTimeOATHList
        ,IsNull(GroupList, '') GroupList
    FROM UserTable
    WHERE Email1 = @UserName
 
 
    SELECT DigitalFP
    FROM UserFP
    WHERE Email1 = @UserName
 
 
    SELECT PNToken
    FROM UserPN
    WHERE Email1 = @UserName
 
 
    SELECT AccessHistory
    FROM UserAccessHistory
    WHERE Email1 = @UserName
 
 
    SELECT OATHToken
    FROM UserOT
    WHERE Email1 = @UserName
END
GO
UI Text Box
typetip

Note the updates applied to this Stored Procedure from step 1

UI Text Box
typeinfo

The following steps are completed in the SecureAuth IdP Web Admin

Panel
borderColor#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#126591
borderStylesolid
titleData
Section
Column
width50%

Column

 

2. In the Membership Connection Settings section, set the Get User SP to the friendly name of the Forgot Username-specific Get User Stored Procedure (configured in step 1), e.g. GetUserByEmail

3. Set the Validate / Get Password SP to the friendly name of the Forgot Username-specific Get / Validate Password Stored Procedure, e.g. GetPasswordByEmail

UI Text Box
typeinfo

Step 4 is required only if the user's password is required in the Forgot Username realm login workflow

Anchor
asp
asp

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#3e7fa0
borderStylesolid
titleProfile Connection Settings
Section
Column
width50%

Column

 

4. Set the Get Profile SP and the Update Profile SP to the friendly names of the Forgot Username-specific Get User Profile and Update User Profile Stored Procedures, e.g. GetProfileByEmail and UpdateProfileByEmail

UI Expand
titleASP.net Required Configuration Steps
UI Text Box
typeinfo

The following steps are for Forgot Username realms using ASP.net database as the directory source

Forgot Username with ASP.net database is supported by SecureAuth IdP versions 9.1+

Panel
borderColor#145570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#145570
borderStylesolid
titleSecureAuth IdP Configuration Steps
Panel
borderColor#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#126591
borderStylesolid
titleSystem Info
Section
Column
width50%

Column

 

1. In the Links section, select Click to Edit Web Config File

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#3e7fa0
borderStylesolid
titleWeb Config Editor
Section
Column

 

Column
width33%

Column
width33%

Column
width34%

 

2. Search for ASPNETMembershipProvider, and add the following line in the ASPNETDB section

Code Block
searchFilter="email"

3. Search for ASPNETProfileProvider, and add the following line in the ASPNETDB section

Code Block
searchFilter="email"
UI Text Box
typewarning

Click Save once the configurations have been completed and before leaving the Web Config Editor page to avoid losing changes

Panel
borderColor#145570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#145570
borderStylesolid
titleASP.net DB Configuration Steps
Section
Column
width50%

 

Column

 

3. If the LoweredEmail field is empty, then populate the field in the ASP.net database

UI Text Box
typewarning

Click Save once the configurations have been completed and before leaving the Data page to avoid losing changes

Panel
borderColor#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#126591
borderStylesolid
titlePost Authentication
Section
Column
width50%

Column

 

5. Select Forgot Username from the Authenticated User Redirect dropdown in the Post Authentication tab in the Web Admin

6. An unalterable URL is auto-populated in the Redirect To field, which appends to the domain name and realm number in the address bar (Authorized/ForgotUsername.aspx)

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#3e7fa0
borderStylesolid
titleForgot Username
Section
Column
width50%

Column

 

7. Choose the Username Delivery Option, which either is to Display on page or to Send in email to the field designated in the searchFilter / Stored Procedures (Email 1)

UI Text Box
typeinfo

The username displayed on the page or sent in the email is the username stored in the directory attribute mapped to the Search Attribute field; or the User ID stored as the UserName in SQL-type data stores

UI Text Box
typewarning

Click Save once the configurations have been completed and before leaving the Post Authentication page to avoid losing changes

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#3e7fa0
borderStylesolid
titleForms Auth / SSO Token
Section
Column
width50%

Column

 

8. Click View and Configure FormsAuth keys / SSO token to configure the token/cookie settings and to configure this realm for Single Sign-on (SSO)

UI Text Box
typeinfo

These are optional configurations

Excerpt Include
Account Management (Help Desk) Page Configuration Guide
Account Management (Help Desk) Page Configuration Guide
nopaneltrue

...