I changed our AD query in AD authentication source to look for userPrincipleName rather than samAccountName and now I can authenticate successfully with the UPN as username. However, none of the authorization attributes are being returned after authentication. The "Authorization Attributes" section of the access tracker input tab is missing and the user is not assigned the correct role.
I can manually browse the LDAP tree manually with the UPN as the filter query.
Has anyone seen this before