When users use a user name and password authentication method, you can enable the unique identifier option to display the identifier-based login pages. Users are asked to enter their unique identifier and then are asked to enter the appropriate authentication based on the configured access policy rules.

The authentication methods that support unique identifier-based login include the Password authentication methods, RSA SecurID, and RADIUS.

Prerequisites

  • Select the unique identifier user attribute to use in the I &M Access > User Attributes page. Make sure that attribute is used only to identify unique objects.

  • Make sure that the selected attributes sync to the directory.

  • Verify that the default access policy rules for the user domains reflect the type of authentication to use when the identifier-based login is available.

Procedure

  1. In the VMware Identity Manager console Identity & Access Management tab, click Preferences.
  2. If you are setting up unique identifier-based login in a single domain environment, enable Show the System Domain on Login Page.

    Enabling this functionality is required only when one domain is configured in VMware Identity Manager.

  3. To hide the domain selection login page, select the Enable check box.
  4. Select the unique identifier to use from the drop-down menu. The options are userName or email for VMware Identity Manager cloud tenants. The on premises service also includes userPrincipalName and employeeID unique identifiers options.
  5. In the Customize the Sign-in Input Prompt text box, enter the prompt to display in the user text box on the sign-in screen.

    If this text box is blank, the sign-in unique identifier value is displayed.

  6. Click Save.