NOTE: This authentication module is available if the Active Directory Module is installed.
Credentials |
Login name and password for registering with Active Directory. You do not have to enter the domain. |
Prerequisites |
|
Set as default |
Yes |
Single sign-on |
No |
Front-end login allowed |
Yes |
Web Portal login allowed |
Yes |
Remarks |
The user‘s identity is determined from a predefined list of permitted Active Directory domains. The corresponding user account and identity are determined in the database, which the user account is assigned to. If an identity has a main identity or several subidentities, the QER | Person | MasterIdentity | UseMasterForAuthentication configuration parameter controls which identity is used for authentication.
NOTE: Identities that are classified as a security risk are no longer be able to log in to One Identity Manager. To allow login, set the QER | Person | AllowLoginWithSecurityIncident configuration parameter. A dynamic system user is determined from the identity's application roles. The user interface and the permissions are loaded through this system user. Data modifications are attributed to the current user account. |