Host Server LDAP tab
In basic/advanced security mode, the host server authenticates users against their certificate files and private key files. Users must provide their user name, password, certificate files, and private key files when logging on to the system host server.
With an integrated LDAP server, users can employ their accounts on the LDAP server to log in to the system host server. The system automatically manages the user’s certificate file and private key file, which are required for establishing an SSL connection.
To access the host server, the system client application acquires the LDAP integration configuration from the host server over HTTPS.
- If LDAP integration is disabled, then the system client application attempts to establish an RMI connection. This is attempted over SSL to the host server with the user account, existing certificate file, and private key file. This is the original behavior.
- If LDAP integration is enabled, then the system client application sends the LDAP user account to the host server. The host server attempts to connect to the configured LDAP server using the user account.
If the connection can be successfully established, then the system grants the user’s access request.
- A connection is established and the user account is a member of a group. If the group is configured on the LDAP server, then the system ensures that valid certificate and private key files exist for the user on the client side.
If not, then these files are automatically created and are ready on the client side. After that, the client can establish an RMI connection over SSL with the user account, certificate file, and private key file.