Authentication options using credentials maintained by the directory service
Authentication options using credentials maintained by the directory service |
|
|
To authenticate in SE Suite using the credentials maintained in a directory service, it is necessary, besides having the user synchronized with the service, to choose and configure an authentication mode. Remember that: ▪Only users previously synchronized with the directory service can authenticate the same service. ▪The system does not store the password of synchronized users, leaving to the position of the directory service its management.
Authentication modes, in a directory service that the system offers, can be classified into 2 groups: ▪Authentication with user and password in a directory service via NTLM v2 or LDAP protocol: With the authentication modes of this group, the user enters the login and password in the SE Suite authentication screen, which will communicate with the directory service using the selected protocol (LDAP or NTLM v2) to validate the credentials and then authenticate in the system. ▪Authentication integrated with a directory service, via SAML 2.0 or OpenID Connect identity provider: Through the authentication mode of this group, single sign-on is enabled, which uses the login and password entered for authentication in the operating system or the browser in the identity service. That is, the user will not provide their credentials directly in the SE Suite authentication screen, leaving the process more practical for the user. The authentication protocol used in single sign-on (SAML 2.0 or OpenID Connect) is considered safer than previous ones.
|