Hello Guys,

we are coming from an upgraded ISAM installation and therefore the case insensitivity for AAC services was disabled out of the box (username.legacyBehavior=true). To fix it we run following DB commands from Jasmine blog :

UPDATE AUTHENTICATORS SET USERNAME=LOWER(USERNAME);
UPDATE MMFA_AUTH_TXN_DATA SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH20_TOKEN_CACHE SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH_TRUSTED_CLIENT SET USERNAME=LOWER(USERNAME);
UPDATE RBA_USER_DEVICE SET USER_ID=LOWER(USER_ID);
UPDATE RBA_USER_USAGE_DATA SET USER_ID=LOWER(USER_ID);
UPDATE U2F_TOKENS SET USERNAME=LOWER(USERNAME);
UPDATE USER_ATTRIBUTES SET USER_ID=LOWER(USER_ID);

INSERT INTO HVDB_SCHEMA_UPDATES VALUES (CURRENT_TIMESTAMP, 198711069, 'username.legacyBehavior');

After running these commands we saw that all corresponding lines were set to lower case in our DB. But anyway after restarting of whole Appliance the parameter username.legacyBehavior was still set to true (case sensitive).
So we expected that this parameter will automatically set to false (case insensitive) after running these commands. And therefore we are not sure if ISAM is handling the AAC requests in the correct way as case insensitive? Do you have an idea how to fix that?

------------------------------
Thomas Renner
------------------------------

Hello Thomas,
unfortunately the setup is incomplete: next to the SQL statements given above for the HVDB or runtime DB you also need to use one for the Configuration DB!

Execute the following SQL statement against the Configuration database:
UPDATE ISAM_OVERRIDE_CONFIGS SET CONFIG_VALUE = 'FALSE'  WHERE CONFIG_EXTERNAL_KEY = 'USERNAME.LEGACYBEHAVIOUR';

Then restart the LMI

------------------------------
Jan Brokate
------------------------------

Original Message:
Sent: Wed February 05, 2020 09:35 AM
From: Thomas Renner
Subject: ISAM AAC : username case sensitivity

Hello Guys,

we are coming from an upgraded ISAM installation and therefore the case insensitivity for AAC services was disabled out of the box (username.legacyBehavior=true). To fix it we run following DB commands from Jasmine blog :

UPDATE AUTHENTICATORS SET USERNAME=LOWER(USERNAME);
UPDATE MMFA_AUTH_TXN_DATA SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH20_TOKEN_CACHE SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH_TRUSTED_CLIENT SET USERNAME=LOWER(USERNAME);
UPDATE RBA_USER_DEVICE SET USER_ID=LOWER(USER_ID);
UPDATE RBA_USER_USAGE_DATA SET USER_ID=LOWER(USER_ID);
UPDATE U2F_TOKENS SET USERNAME=LOWER(USERNAME);
UPDATE USER_ATTRIBUTES SET USER_ID=LOWER(USER_ID);

INSERT INTO HVDB_SCHEMA_UPDATES VALUES (CURRENT_TIMESTAMP, 198711069, 'username.legacyBehavior');

After running these commands we saw that all corresponding lines were set to lower case in our DB. But anyway after restarting of whole Appliance the parameter username.legacyBehavior was still set to true (case sensitive).
So we expected that this parameter will automatically set to false (case insensitive) after running these commands. And therefore we are not sure if ISAM is handling the AAC requests in the correct way as case insensitive? Do you have an idea how to fix that?

------------------------------
Thomas Renner
------------------------------

You also need to execute the following SQL statement against the Configuration database:
UPDATE ISAM_OVERRIDE_CONFIGS SET CONFIG_VALUE = 'FALSE' WHERE CONFIG_EXTERNAL_KEY = 'USERNAME.LEGACYBEHAVIOR';


Then restart the LMI

------------------------------
Jan Brokate
------------------------------

Original Message:
Sent: Wed February 05, 2020 09:35 AM
From: Thomas Renner
Subject: ISAM AAC : username case sensitivity

Hello Guys,

we are coming from an upgraded ISAM installation and therefore the case insensitivity for AAC services was disabled out of the box (username.legacyBehavior=true). To fix it we run following DB commands from Jasmine blog :

UPDATE AUTHENTICATORS SET USERNAME=LOWER(USERNAME);
UPDATE MMFA_AUTH_TXN_DATA SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH20_TOKEN_CACHE SET USERNAME=LOWER(USERNAME);
UPDATE OAUTH_TRUSTED_CLIENT SET USERNAME=LOWER(USERNAME);
UPDATE RBA_USER_DEVICE SET USER_ID=LOWER(USER_ID);
UPDATE RBA_USER_USAGE_DATA SET USER_ID=LOWER(USER_ID);
UPDATE U2F_TOKENS SET USERNAME=LOWER(USERNAME);
UPDATE USER_ATTRIBUTES SET USER_ID=LOWER(USER_ID);

INSERT INTO HVDB_SCHEMA_UPDATES VALUES (CURRENT_TIMESTAMP, 198711069, 'username.legacyBehavior');

After running these commands we saw that all corresponding lines were set to lower case in our DB. But anyway after restarting of whole Appliance the parameter username.legacyBehavior was still set to true (case sensitive).
So we expected that this parameter will automatically set to false (case insensitive) after running these commands. And therefore we are not sure if ISAM is handling the AAC requests in the correct way as case insensitive? Do you have an idea how to fix that?

------------------------------
Thomas Renner
------------------------------