Administrators can connect the application to a Directory Server for
Customer and User authentication purposes. This removes the need
to create Customer and User accounts as it allows the system to synchronize
accounts and access levels with an existing Directory Server. It has the
added benefit of allowing the Administrator to work with existing infrastructure.
As part of the mapping process, if no values exist on the authentication
server for a mapped field, no drop-down menu will appear and Users cannot
edit the field.
When the authentication server is used, the Customer’s password is not
visible within the service management tool, regardless of whether the
Customer is new or existing in the system. This is due to the Customer’s
account being validated against an authentication server account rather
than an internally authenticated account. The password is stored in the
authentication server’s database and it is not accessible through the
service management system.
Also, Customers using LDAP or Active Directory authentication are not
able to edit their first name, last name, LDAP/ADS username
or email address. These fields are stored on the authentication server,
and cannot be modified within the service management system.
To import Customers using a directory server, see Authentication.