Overview
Home Realm Discovery (HRD) does not work with applications that use only a database connection with a username as the only identifier, in combination with the enterprise connection attempting to utilize HRD.
Applies To
- HRD
- Database connection with username as the sole identifier
- Enterprise Connections
Cause
Home Realm Discovery (HRD) considers email domains to determine whether a user is from an enterprise connection or a database connection. However, usernames do not have email domains, so HRD cannot determine whether a user is from the enterprise connection.
Solution
Configure the email attribute as an identifier alongside the username identifier in the database connection to allow the Home Realm Discovery (HRD) mechanism in the Universal Login screen to match email domains to users in the enterprise connection and redirect the users to log in with that connection.