Integrating Authentication through an LDAP

This topic explains how to integrate authentication via Active Directory and Novell eDirectory. By default, the system is installed to support local authentication. In this case, all user credentials are stored in the system database, which is queried when authenticating users. Authentication can also take place through an external directory, in which case user credentials are not stored in the system database and are managed from the external directory itself.

This requires that an LDAP integration task has been created and executed, with Active Directory or Novell eDirectory selected as the server type for the task. Note that external authentication is not possible through Apache DS, although Apache DS can be integrated with the system to import objects. The integration task imports users, groups, and assets to the system and keeps the system synchronized with the user database of the directory service. Once the system has been synchronized with an external directory, imported users or groups of users should be included in the system access profiles, thus ensuring that they will have access to the system. Finally, once this task is scheduled, the authentication server can be changed in the system configuration files by following the steps in the procedure below.

Local authentication is disabled once the system is configured to use authentication via Active Directory or Novell eDirectory, and access is only possible for users who are listed in these external directories and who are periodically synchronized with the system. Also note that to configure authentication via Active Directory or Novell eDirectory, the system must have been installed to use the default local authentication.

For details on creating this integration task, see Chapter 17: Administration -> Integrations -> Integration Tasks -> Creating a Task to Integrate with an LDAP.

IMPORTANT NOTICE: As this type of modification involves changes to the system configuration files, we suggest that it only be performed by those with advanced technical knowledge and with the involvement of the support team.