Access to the security.properties file if prior to application
version 7.4.
Access to the Tenant Properties area if after application version
7.4.
Review Login Policy LDAP/AD, and About Security Authentication topics.
To enable AD authentication you must configure the security.propertiesfile
and Login Policy. The task below starts with the configuration
of the security.properties file; however, you may configure
the Login Policy prior to.
Choices are:
After v7.4+: Go to the Tenant Properties
section in the System area.
Prior to v7.4: Open the application’s security.properties file.The
default location is C://Program Files > “Application Name”> configuration
> security.properties
In security.profiles=SECURITY-WEB1, enter the security profile
for AD; for example: security.profiles=SECURITY-WEB-AD.
Optional - To identify multiple profiles enter the desired
security profiles; for example:security.profiles=SECURITY-WEB-AD,SECURITY-KERBEROS,SECURITY-WEB
Note no space after the comma and be sure to set all applicable
settings when entering multiple security profiles.
In security.ad.domain, enter your company’s domain
name, for example, Kronos.com.
In security.ad.server, enter the address of the
active directory server.
Save the file to confirm your settings.
Stop and Restart the application to initiate your new
settings.
Go to: Setup > Login Policy to create a new Login Policy.
Click Add to create a new Login Policy, or click
an existing Login Policy to edit.
In Active Directory/LDAP, select the check box Authenticate
via Active Directory/LDAP.
Click Save.
Assign this login policy to personnel who will
be using AD/LDAP authentication.
Important: Be sure the person’s Login ID or User
ID match those of the external provider. For example, if the AD
Login ID is set to use the username without the domain prefix or
suffix extension and the person’s domain login ID is John.Doe@kronos.com,
then their Login ID for this application will be will be: “John.Doe”.