question

SanjeevNachimuthu-9076 asked:

AAD Login uses logged in user by default

Hi,

I have a few applications that use AAD for authentication.

Current behavior: I am logged into my desktop using a@domain.com. I launch the application, the app redirects to the AAD login screen, and I enter b@domain.com as the user name. When I click the login button, the application logs in automatically using a@domain.com and completely ignores b@domain.com.

Purpose: I am trying to use synthetic transactions (Dynatrace) to monitor the application. When the scripts use a username to log in, it is completely ignored; AAD uses the Local System user to log in, and AAD does not consider it a valid user. It completely ignores the user b@domain.com that is entered in the username field.

Expected behavior: I should be able to log on to the application using any username/password, irrespective of the user logged on to the computer or the user context the service is running under.

Thanks

azure-active-directory

LukasBeran answered:

Does it work in InPrivate mode? What about different browsers like Firefox, Opera, or Chrome without the Microsoft Account extension? Then seamless SSO should not work, so you should be able to use any account.


SanjeevNachimuthu-9076 answered:

I have tried both Chrome and Firefox. The same behavior is there too. Same behavior in private mode too. The only way for me to log in as another user is to use the "Run as another user" option to launch the browser. While this will work on my desktop, I cannot run the Dynatrace service under a user account; it works only as the Local System user.

Also, the user b@domain.com can be just anything; it does not look like AAD is even using what I entered there. I used psexec to launch the browser as the Local System user to replicate the issue.
