LDAP authentication: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: == LDAP authentication == The Lightweight Directory Access Protocol (LDAP) is a protocol that allows the query and modification information of directory services (a hie...) |
|||
Zeile 8: | Zeile 8: | ||
requires professional knowledge of the configuration of slapd. We recommend to use no LDAP service of authentication on the WICE server itself, but to run it on another server.}} | requires professional knowledge of the configuration of slapd. We recommend to use no LDAP service of authentication on the WICE server itself, but to run it on another server.}} | ||
− | {{Screenshot|LDAP. png|600|Input mask | + | {{Screenshot|LDAP.png|600|Input mask for the LDAP configuration}} |
If you are using LDAP authentication, the name of the user account in WICE(not the assigned employee) and the LDAP server name must be the same. All login-related features such as expiration of accounts, disabled accounts, forcing new passwords, entering new passwords in the profile etc. are ineffective in the LDAP authentication mode. Alone the limitation of user accounts on certain IP addresses keeps it`s effect. | If you are using LDAP authentication, the name of the user account in WICE(not the assigned employee) and the LDAP server name must be the same. All login-related features such as expiration of accounts, disabled accounts, forcing new passwords, entering new passwords in the profile etc. are ineffective in the LDAP authentication mode. Alone the limitation of user accounts on certain IP addresses keeps it`s effect. |
Version vom 23. April 2013, 12:32 Uhr
LDAP authentication
The Lightweight Directory Access Protocol (LDAP) is a protocol that allows the query and modification information of directory services (a hierarchical database distributed on the network). It provides the communication between the so-called LDAP client and the directory (directory server). Normally, the WICE-user login is authenticated using the WICE username and WICE password. The passwords are stored in the WICE administration. With the LDAP authentication you can however move the password management on an LDAP server (slapd by openldap).
OpenLDAP is an implementation of the LDAP protocol as a free software. OpenLDAP is part of most current Linux distributions.
Hint: Please note: the simultaneous operation of a LDAP services for authentication on the WICE Server and the WICE LDAP connector requires professional knowledge of the configuration of slapd. We recommend to use no LDAP service of authentication on the WICE server itself, but to run it on another server. |
600px
Screenshot: Input mask for the LDAP configuration
If you are using LDAP authentication, the name of the user account in WICE(not the assigned employee) and the LDAP server name must be the same. All login-related features such as expiration of accounts, disabled accounts, forcing new passwords, entering new passwords in the profile etc. are ineffective in the LDAP authentication mode. Alone the limitation of user accounts on certain IP addresses keeps it`s effect.