Administrators can connect the system to a Directory Server for User
authentication purposes. This removes the need to create User accounts
as it allows the application to synchronize User accounts and access levels
with an existing Directory Server. It has the added benefit of allowing
the Administrator to work with existing infrastructure.
As part of the mapping process, if no values exist on the authentication
server for a mapped field, no drop-down menu will appear and Users cannot
edit the field.
When the authentication server is used, the User’s password is not visible
through the service management application, regardless of whether the
User is new or existing in the system. This is due to the User’s account
being validated against an authentication server account rather than a
system account. The password is stored in the authentication server’s
database and it is not accessible through the application.
Also, Users using LDAP or Active Directory authentication are not able
to edit their first name, last name, LDAP/ADS username
or email address. These fields are stored on the authentication server
and cannot be modified within the service management tool.
To import Users using a directory server, see Authentication.