If you have implemented a feature or SDK application that requests the credentials from the user context when calling services the include-domain-with-user parameter must be true in order to function properly with an environment using ADFS 3.0.

If the user logs in to Smart Office as user@domain or domain\user setting the parameter true ensures that the domain is included in the user name.

If you’re using the MangoHttpClient class for doing REST calls it’s already handled for you so no changes are necessary. The ADFS 3.0 support was introduced in Smart Office 10.2.10.88 (HF12) released in March 4th 2016.

It may be necessary for a ISO feature/application to change one argument when requesting credentials from the Smart Office user context in order to support ADFS 3.0. The parameter includeDomainWithUser should be set to true. This will return the user name including the domain, if the user logged on to Smart Office with a domain, otherwise it will only return the user name.

Existing code that looks like this:

ApplicationServices.UserContext.RequestCredentials(out username, out password);
ApplicationServices.UserContext.RequestCredentials(out username, out password, false);


Should be changed to set includeDomainWithUser argument to true:
ApplicationServices.UserContext.RequestCredentials(out username, out password, true);

There is also a new LDAP Setting described in the Administration Guide (p. 267) ”Add domain after authentication” that you should be aware of.

This setting is used in scenarios where some applications such as IDM requires a domain but the Smart Office server does not require one. When the setting is enabled, a user may log-on without a domain to Smart Office and still be authenticated with domain for the application.

Settings values:
No = Not enabled
Yes (user@domain) = Enabled with the username format “User Principal Name”.
Yes (domain\user) = Enabled with the user nameformat “Down-Level Logon Name”.