If your Active Directory includes multiple employee user names configured with the same FirstName and LastName, you must create a custom attribute in the Devices & Users > General > Lookup Fields page in the Workspace ONE UEM console to use as the Kerberos Principal Name in the iOS SSO profile configured in the Workspace ONE UEM console.
Procedure
- In the Workspace ONE UEM console, navigate to .
- In the Devices & Users section, select General and then click Lookup Fields.
- Click ADD CUSTOM FIELD and configure the following.
| Option |
Description |
| Option |
Description |
| Standard Lookup Field |
In the drop-down menu, select User Principal Name. |
| Name |
Enter a name for the custom look up field. For example, KerberosSPN |
| Description |
Enter the description of this custom field, for example, Custom Kerberos User Principal Name lookup |
| Allow Inheritance |
Select Enable. |
| Custom type |
Select Regex Lookup. |
| Regular Expression |
Enter ^[^@]+. |
- Click SAVE.
The custom lookup name is listed in the Lookup table page.
- To add the custom lookup name to the iOS profile, in the Workspace ONE UEM console, navigate to the iOS Resources >Profiles page and select the iOS device profile to edit. In the Single Sign-On page Kerberos Principal Name text box, enter the custom lookup name that you created.
- Select SAVE & PUBLISH.
