LDAP authentication enables you to validate users through a central
directory via the Lightweight Directory Access Protocol (LDAP). There are
several options for LDAP authentication, including:
- LDAP
Validates users against LDAP using
SBM Application Engine.
- LDAP then Internal
Validates users against LDAP using
SBM Application Engine
first, and then against the internal
SBM
database if the user is not found in LDAP.
- SSO
LDAP
Validates users against LDAP using
SSO.
- Using
SSO
provides better performance and more security options than the
Application Engine-based
LDAP options. When you configure
SSO
LDAP, all browser authentication requests are performed against LDAP by
SSO,
and only Web service authentication requests that do not have a security token
are performed by
Application Engine.
- If you select this option, continue the configuration on the
server that hosts the
Single Sign-On (SSO)
component. You must configure
SSO
LDAP on the
Single Sign-On (SSO)
server in order for
SBM Configurator to
successfully update the
SSO
configuration files.
- You cannot use the Auto Add from LDAP feature with
SSO
LDAP. If you plan to configure
SBM to automatically add users from LDAP upon successful
authentication (Auto Add from LDAP), you must use
LDAP or
LDAP First, then Internal for user validation.
- SSO
LDAP then Internal
Validates users against LDAP using
SSO
first, and then against the internal
SBM
database if the user is not found in LDAP.
- If you select this option, continue the configuration on the
server that hosts the
Single Sign-On (SSO)
component. You must configure
SSO
LDAP on the
Single Sign-On (SSO)
server in order for
SBM Configurator to
successfully update the
SSO
configuration files.
- You cannot use the Auto Add from LDAP feature with
SSO
LDAP. If you plan to configure
SBM to automatically add users from LDAP upon successful
authentication (Auto Add from LDAP), you must use
LDAP or
LDAP First, then Internal for user validation.
Important: If you use the
LDAP then Internal authentication option, user passwords must
match in
SBM
and LDAP.
Copyright © 2007–2019 Micro Focus or one of its affiliates. All rights reserved.