An Example Script

This sample user map script creates a user name by adding the application name to the current user name in Active Directory. The script assigns the result to LoginUser.Username.

LoginUser.Username = LoginUser.Get(“user”) + “\#” + Application.Get(“Name”);

When the user whose AD account is “barney.blanton” wants to log into the web application named “Busfare,” the script creates the user name “barney.blanton#Busfare”. The script assigns the user name to LoginUser.Username, where the custom user-password script will find the user name later and use it for the HTML response.

Because the script does not create and assign a password to LoginUser.Password, the Privileged Access Service uses the password it receives when it prompts the user. The Privileged Access Service assigns the password to LoginUser.Password and then stores the password locally for later user sessions.