You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Overview

This page presents information about Windows AD log in options and LDAP Server integration.


On this page:

Windows Authentication Integration

Windows AD support is always automatically available when running the Project on Windows computers.

In this case, you will use the configured users for the Active Directory login. If the windows OS has the same name that was created in Security → Permission, the application will use the permissions configured for this user. Otherwise, it will use the permissions for the Guest user.

You just need to connect the clients (RichClient or SmartClients) using the Windows AD port, as defined in Run → Test or Run → Startup. The default port is 3102 port, but that be changed in the project configuration.

Example of TSmartClient URL using Windows Authentication:

http://127.0.0.1/fs-2016.2/TSmartClient.application?port1=3102&wa=true

When using Redundancy, the port follows the command line defined to start the server projects. 

Accepting only AD connections

When running the project, it is also possible to force to use the AD only, disabling the Project denied users from runtime access.

To use Windows Authentication, select the checkbox ‘Use only Windows Authentication’ in Run → Startup and configure which port will be used for authentication in PortWA.

User Identification

The Windows User that is logged in the computer accessing the Server where the Project is ruling will be User name identified to the project

When you are using Client instances, the Server computer is the one which will validate the User for the Client. Then, the logged Windows User in the Client computer needs to exist on the Server computer and be in the same Domain group.

After the user validation, the user’s Windows Group will determine which project Security Permission will be used. It will search in the project Security Permission for the same Windows Group name. If it found exactly the same name, then the Security Permission will be used in the project for the logged User. If any names match, the Permission Guest will be used.


LDAP Server Integration

To enable the LDAP Server in the platform, please go to Info → Project → Settings. Then, type the LDAP server's name in the AD/LDAP Server field.

To integrate the LDAP Server, the only customization that you need to do is use the AD/LDAP Server on Project → Settings

The project Client.LogOn() method in the LOGON page will work properly after enabling the LDAP Server.

When this method is called, it will check the project for an Engineering user. If none are found, it will check for a runtime user. If no runtime users are found, it will check for a LDAP user if the LDAP Server is configured. The first user that is found and validated will be the user that is logged into the project. 

After the user validation, the user’s Windows group will determine which project Security Permission will be used. It will search in the project Security Permission for the same Windows Group name. If it finds the exact same name, the Security Permission will be used in the project for the logged in User. If any names match, the guest permission will be used.


In this section...

The root page @parent could not be found in space v10.

  • No labels