Map User Accounts

On the Account Mapping page, configure how the login information is mapped to the application’s user accounts. Depending on the type of application that you select, the options that you see might be different than those shown here.

Depending on your application, available options might vary slightly.

  • Directory Service Field: Use this option if the user accounts are based on user attributes. For example, specify an Active Directory field such as mail or userPrincipalName or a similar field from the Delinea Directory.

  • All users share one name: Use this option if you want to share access to an account but not share the user name and password. For example, some people share an application developer account.

  • Prompt for user name: Use this option if you want users to supply their own user name and password. This option only applies to user password application types. The first time that users launch the application, they enter their login credentials for that application. The Delinea Directory stores the user name and password so that the next time the user launches the application, the Delinea Directory logs in the user automatically.

  • Account Mapping Script: You can customize the user account mapping here by supplying a custom JavaScript. For example, you could use the following line as a script:

    LoginUser.Username = LoginUser.Get('mail')+'.ad';

    The script sets the login user name to the user’s mail attribute value in Active Directory and adds ‘.ad’ at the end. For example, if the user’s mail attribute value is Adele.Darwin@acme.com then the account mapping script sets LoginUser.Username to Adele.Darwin@acme.com.ad. For more information about writing a script to map user accounts, see the SAML Application Scripting.