Review Login Policy LDAP/AD, and About Security Authentication
topics.
To enable AD authentication you must configure the security.propertiesfile
and Login Policy. The task below starts with the configuration
of the security.properties file; however, you may configure
the Login Policy prior to.
Open the application’s security.properties file.
The default location is C://Program Files > “Application
Name”> configuration > security.properties
In security.profiles=SECURITY-WEB1, enter the security profile
for AD; for example: security.profiles=SECURITY-WEB-AD.
Optional - To identify multiple profiles enter the desired
security profiles; for example:security.profiles=SECURITY-WEB-AD,SECURITY-KERBEROS,SECURITY-WEB
Note no space after the comma and be sure to set all applicable
settings when entering multiple security profiles.
In security.ad.domain, enter your company’s domain
name, for example, Kronos.com.
In security.ad.server, enter the address of the
active directory server.
Save the file to confirm your settings.
Stop and Restart the application to initiate your new
settings.
Go to: Setup > Login Policy to create a new Login
Policy.
Click Add, to create a new Login Policy or click
an existing Login Policy to edit.
In Active Directory/LDAP, select the check box Authenticate
via Active Directory/LDAP.
Click Save.
Assign this login policy to personnel who will
be using AD/LDAP authentication.
Important: Be sure the person’s Login ID or User
ID match those of the external provider. For example, if the AD
Login ID is set to use the username without the domain prefix or
suffix extension and the person’s domain login ID is John.Doe@kronos.com,
then their Login ID for this application will be will be: “John.Doe”.