Overview
This page presents information about Windows AD log in options and LDAP Server integration.
On this page:
| Table of Contents | ||||
|---|---|---|---|---|
|
Windows Authentication Integration
Windows AD support is always automatically available when running the Project solution on Windows computers.
In this case, you will use the configured users for the Active Directory login. If the windows Windows OS has the same name that was as the user created in Security → Permissions, the application will use the permissions configured for this that user. Otherwise, it will use the permissions for the Guest user.
You just need to connect the clients (RichClient or SmartClients) using the Windows AD port, as defined in Runtime → Execution Profiles or or Runtime → Startup. The default port is 3102 port, but that this can be changed in the project configuration.
Example of TSmartClient URL using Windows Authentication:
http://127.0.0.1/fs-2016.2/TSmartClient.application?port1=3102&wa=true
When using Redundancy, the port follows the command line defined to start the server projects.
Accepting only AD connections
When running the projectsolution, it is also possible to force to use the AD only, disabling the Project solution denied users from runtime access.
To use Windows Authentication, select the checkbox ‘Use only Windows AuthenticationWA’ in Runtime → Startupand configure which port will be used for authentication in PortWA.
User Identification
The Windows User user that is logged in on the computer computer accessing the Server where the Project is ruling will be User name identified to the project server where the solution is running will be the username identified by the solution.
When you are using Client client instances, the Server server computer is the one which will validate the User that validates the user for the Clientclient. ThenTherefore, the logged Windows User in user on the Client client computer needs to exist on the Server server computer and be in the same Domain domain group.
After the user validation, the user’s user's Windows Group group will determine which project Security Permission security permission will be used. It will search in the project Security Permission 's security permissions for the same Windows Group group name. If it found exactly the same namefinds an exact match, then the Security Permission security permissions for that name will be used in the project for the logged Useruser. If any no names match, the Permission Guest permission will be used.
LDAP Server Integration
To enable the LDAP Server in the platform, please go to Info Security → Project → SettingsRuntimeUsers. Then, type the LDAP server's name in the AD/LDAP Server field.
To integrate the LDAP Server, the only customization that you need to do is to use the AD/LDAP Server on Project Settings → General. field.
The project Client.LogOn() method in the LOGON page will work properly after enabling the LDAP Server.
When this method is called, it will check the project for an Engineering userUser. If none are found, it will check for a runtime userRuntime User. If no runtime users Runtime Users are found, it will check for a an LDAP user if the LDAP Server is configured. The first user that is found and validated will be the user that is logged into the project.
After the user validation, the user’s Windows group will determine which project Security Permission will be used. It will search in the project Security Permission Permissions for the same Windows Group name. If it finds the an exact same namematch, the Security Permission will be used in the project for the logged-in Useruser. If any no names match, the guest Guest permission will be used.
In this section:
| Page Tree | ||||
|---|---|---|---|---|
|