Authentication
| Configuration Name | Description | Default Value | Tags |
|---|---|---|---|
| Auto manage user password | SSO User in AD by controller managed password. It should be true when using with daas. | False | Control,Authentication Domain |
| Username options | UserOptions if set to 1 will truncate UserName after @ or \ ,if set to 2 will not truncate UserName and if set to 3 then format username as userName@domain. | 1 | - |
| OU for auto created user | OU where user needs to be created in AD. | Enter OU | Control,Authentication Domain |
| Truncate User Name | Truncate username at the time of login if user is using user principal name. | True | - |
| Directory Service Test Connection Retry Count | Number of fail attempt before switching directory service. | 1 | - |
| User Authorization Control | If true HyWorks fetches user's group and OU information from configured active directory authentication server. Disabling it will cause entitlements not working using user groups or OUs. It can be disabled in deployments where major performance or slowness is observed due to group fetching from active directory authentication server, but the deployment must use only user based entitlements. It is recommended to keep it as true. | True | Control, Authentication Domain |
| User Authentication Control | Authenticating user with configured authentication server. Recommended to keep it as true. But in workgroup environments where user password may be different on front-end HySecure server and HyWorks, authentication can be kept as false as user will get authenticated via HySecure but will get authentication failure in HyWorks because of use of different authentication server. Note: Keeping it as false, will make HyWorks to allow logon of users without authentication. |
True | Control, Authentication Domain |
| Group dn for auto created user | Dn of group of which Auto created user should be member of. | Enter Group Dn | Control,Authentication Domain |
| AD user change password type | There are 2 ways of user password change type: 1. DirectoryEntry 2. PrincipalContext. | 1 | - |
| Login Options | Two options for user login: 0:Default behavior is reconnect SHD and App Session 1:Cleanup SHD and App Session. | 0 | - |
| Logged In User Name Override | HyLite will Override logged in User Name sent by the HyWorks if value is set as True. | True | - |
| Auto user creation | Auto creation of user in AD in given ou and group. | False | Control,Authentication Domain |
| Active directory options | Following are the options to change AD authorization: 1: GroupPrincipal 2: DirectoryEntry 3: GroupPrincipalAndDirectoryEntry 4:DirectoryEntryAndGroupPrincipal 5: DirectorySearcher 6:LDAP Searcher. Default method is 3. | 6 | Control, Authentication Domain |