Setting the authentication type

<< Click to Display Table of Contents >>

Navigation:  Administration > Server Administration > Applying Advanced Server Settings >

Setting the authentication type

Although there are four options in the Authentication type list, these can be divided into two categories: Concordance Desktop security and external authentication through Microsoft Windows (depending on your version of Microsoft Windows Server). In choosing external authentication, you gain the use of policies, including but not limited to password expiration, renewal, and format.

When the authentication type is external to Concordance Desktop, such as Microsoft Active Directory, the Concordance Desktop server uses the external authentication logon name to determine the user's Concordance Desktop database rights, field rights, and menu security. If the user's external authentication logon name is not added to the Concordance Desktop database, the user will not have access to the database.

Dual authentication, authenticating users against more than one server, can only be set for a maximum of two Active Directory LDAP servers.  The Auxiliary authentication server setting is not available for the External by Domain or External by NT Server options.

When authenticating users against an Active Directory server in a domain other than where FYI Sever is located, make sure that the Concordance Desktop server is running on Windows Server 2008 R2.

If a database administrator account is specified on the Management tab in the Concordance Desktop Admin Console, the Concordance Desktop server then copies the users from Concordance Desktop and adds them to the Concordance Desktop Admin Console for that specific database. This allows you to use external security to set password policies, including expiration, renewal, and format.

Before changing the authentication type to an external method, check the Concordance Desktop databases and add user names and rights as needed.

For more information about authentication types, see About setting up user security.

To Set the Authentication Type to Concordance Desktop

1.Click the Settings tab.

2.In the Server Settings section, click the authentication type in the Authentication type row.

3.Click the arrow to open the authentication type list, and click Concordance Desktop.

i.When Concordance Desktop is selected, Concordance Desktop server uses the a Concordance Desktop database's .sec file to authenticate users.

4.Click Apply to save your settings.

5.Remember to adjust port settings as specified for each authentication type, and update IP addresses if they change.

To Set the Authentication Type to External by Domain

1.Click the Settings tab.

2.In the Server Settings section, click the authentication type in the Authentication type row.

3.Click the arrow to open the authentication type list, and click External by domain.

i.When External by domain is selected, Concordance Desktop server allows for user authentication against an NT domain controller without an Active Directory.

4.Click in the Authentication server row below External by domain, and type the authentication server name, such as a company or work group name (.com or IP address entries are not acceptable).

5.Click Apply to save your settings.

6.Remember to adjust port settings as specified for each authentication type, and update IP addresses if they change.

i.External by domain authentication typically requires use of several ports: 137 TCP, 138 UDP, 139 TCP, and 445 TCP. Ensure that your firewall is not blocking these ports.

To Set the Authentication Type to External by NT Server

1.Click the Settings tab.

2.In the Server Settings section, click the authentication type in the Authentication type row.

3.Click the arrow to open the authentication type list, and click External by NT Server.

i.When External by NT Server is selected, Concordance Desktop server allows for user authentication against a stand alone server (member server).

ii.A member server is a server that meets all of the following requirements:

The server is running a Microsoft Windows 2008 R2 Server operating system

The server is part of a domain

The server is not a domain controller

4.Click in the Authentication server row below External by NT Server, and type the authentication server name, such as mypdc.company.com or an IP address.

5.Click Apply to save your settings.

6.Remember to adjust port settings as specified for each authentication type, and update IP addresses if they change.

i.The port addresses typically required by External by NT Server authentication include: 137 TCP, 138 UDP, 139 TCP, and 445 TCP. Ensure that your firewall is not blocking these ports.

To Set the Authentication Type to External by Active Directory LDAP

1.Click the Settings tab.

2.In the Server Settings section, click the authentication type in the Authentication type row.

3.Click the arrow to open the authentication type list, and click External by Active Directory LDAP.

i.When External by Active Directory LDAP is selected, Concordance Desktop server uses Microsoft Windows Active Directory to authenticate users.

4.Click in the Authentication server row below External by Active Directory LDAP, and type the authentication server name or an IP address.

5.(Optional) Click in the Auxiliary authentication server row to set a second authentication server, and type the authentication server name or an IP address.

When authenticating against an internal and an external domain, make sure that the same username does not appear in both domains.

6.Click Apply to save your settings.

7.Remember to adjust port settings as specified for each authentication type, and update IP addresses if they change.

i.The firewall ports that need to be open for Active Directory include: 389 (LDAP,) 636 (secure LDAP,) and NetBIOS ports for the change password feature.

If both the LDAP and Auxiliary server options are set, both server names are displayed when using the Insert Domain Users option for the Users tab in the Concordance Desktop Admin Console.