User-Specific LDAP/Active Directory Information

  Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic! Mail us feedback on this topic!  

If and when LDAP/Active Directory authentication is enabled, two additional options become available on the individual user record to provide overrides to how individual records are managed.

 

The Authenticate via LDAP option is checked by default for those user records that were automatically created during authentication. Uncheck this option if you want to disable LDAP/Active Directory authentication for the user. User name, password and role assignment must be edited manually and authentication is managed by Astra Schedule. Because Astra Schedule only stores a system-generated password when LDAP authentication is in effect, unchecking the box for this option triggers a prompt to change the user’s password.

 

The Sync Roles with LDAP Groups option is only enabled if LDAP authentication is enabled for both the institution and the user, and is checked by default for those user records that were automatically created during authentication. Uncheck this option if you want the user to still be authenticated via the LDAP server but for their role assignment to be manually managed. Checking this option for an existing user disables the manual security role configuration for the user. When this option is enabled, a message appears just beneath that reads “Last Sync’d On:” and displays the date and time of the user’s last login.

NoteNOTE: Both of these options default to unchecked for users that are created manually in Astra Schedule. If you subsequently enable LDAP/Active Directory authentication and want existing users included, you must check these options.

Page url: ?usersecurity_userspecificldapinformation.htm