I’m using PI with multiple realms, Login is normally performed with samaccountname. Now I have the requirement to authenticate users with the UserPrincipleName which contains an @-sign.
The login via RADIUS is no problem, I made a script to add the realm to any username from specific IPs, so login is made as user@domain@realm which is working perfect.
Unfortunately the login in the WebUI is not controllable this way. So I thought, if I add the realm as dropdown in the webui-policy, PI would not split the username at the @ when a realm is selected. But it looks like, the dropdown is just for convenience…
Is this baviour a bug or works-as-designed?
Is it possible, to change the split-character from @ to something other, like § or &?