Ok let me see if this makes more sense:
Where i add active directory user roles to the web.xml, i am supposed to add the active directory group. IE <role-name>DOMAIN\group_name</role-name>
When I set up Single Sign-on, using the group name, authentication fails.
But if instead of the group-name I use the group alias, which under Active Directory Administration is lised as "Group Name(pre windows 2000)", authentication is successful
Ill try to make this Clearer
I have a Domain: "MYDOMAIN"
I have a Group Name:"My_Group"
The Group Name(pre windows 2000) taken from Active Directory Administration: "MyGroup"
When I add "My_Group" as role, Authentication fails
When i add "MyGroup" as role, Authenticatio succeeds.
I checked, and the underscore has nothing to do with it. It happens with groups that don't have an underscore too