Scenario Guide › Scenario Overview › Enable Certification › Enable Active Directory and Lightweight Directory Access Protocol (LDAP) Authentication › Enable Active Directory Authentication

Enable Active Directory Authentication

You enable Active Directory authentication by setting properties in the Portal.

Follow these steps:

1. In the Portal, click Administration, Settings, Properties Settings.

   The Properties Settings window appears.

2. Set these property files as follows:

   sage.security.disable.ADAuthentication

   Defines the ability to enable Active Directory authentication. Set this value to False.

   Default: True

   security.ldap.server

   Defines the LDAP network server name or Active Directory IP address. (example: HOSTNAME.org.com)

   Default: adserver

   (Optional) security.manager.dn

   Specifies the distinguished name (DN) of the manager. The DN is often required only when using SSL authentication. The manager is AD_bind_account (example: administrator).

   Default: AD1\Administrator

   (Optional) security.manager.password

   Specifies the LDAP network administrator username. The Active Directory password is AD_bind_account_password.

   Default: eurekify

   sage.security.credential.expiration.seconds

   Defines the lifetime of the credentials expiration, in seconds. Set this value to 60.

   Default: 60

   sage.security.eurekify.keyStore.file

   Defines the keystore path directory. Set this property when using SSL and adding the AD certificate to a JVM keystore file.

   Default: none

   sage.security.eurekify.keystore.password

   Defines the keystore password. Set this property when using a JVM keystore file for SSL.

   Default: none

   Note: Use separate instructions if you want to use a personal keystore instead of the JVM keystore.

   sage.security.disable.ssl.ADAUthentication

   Defines whether you enable Active Directory authentication. Set this value to True to enable Active Directory authentication.

   Defult: True

   sage.default.domain

   Defines the Active_Directory_domain.

   Default: none

Note the following login issues:

• You must have a Login ID filed in the database with the domain name (example: domain\jsmith where domain is the domain name and jsmith is the login ID)
• When logging in, the user must provide the Login ID (example: domain\jsmith). If the Active Directory domain is set as the sage.default.domain property, then domain is not required, only the Login ID (jsmith).