Unix Access Management

VAS Auth with samAccountName and mail

Is it possible to authenticate to a RHEL 7 server with vas installed with samAccountName and the mail attribute stored in AD?

The users have a mail address of user.name@domain.com but the domain is apac.domain2.com.

We are using a saml authenticated web app that is passing the upn(which is user.name@domain.com) but can launch a process (unknown user). The real only way to map the user in AD to the saml assertion is the mail attribute.

Can VAS be configured to allow this?