Host Server LDAP tab

In basic/advanced security mode, the host server authenticates users against their certificate files and private key files. Users must provide their user name, password, certificate files, and private key files when logging on to the system host server.

With an integrated LDAP server, users can employ their accounts on the LDAP server to log in to the system host server. The system automatically manages the user’s certificate file and private key file, which are required for establishing an SSL connection.

To access the host server, the system client application first acquires the LDAP integration configuration from the host server over HTTPS.

  • If LDAP integration is disabled, then the system client application attempts to establish an RMI connection over SSL to the host server with the user account, existing certificate file, and private key file. This is the original behavior.
  • If LDAP integration is enabled, then the system client application sends the LDAP user account to the host server. The host server attempts to connect to the configured LDAP server using the user account.

    If the connection can be successfully established, then the system grants the user’s access request.

  • If a connection is established and the user account is a member of a group that is configured on the LDAP server, then the system ensures that valid certificate and private key files exist for the user on the client side.

    If not, then these files are automatically created and are ready on the client side. After that, the client can establish an RMI connection over SSL with the user account, certificate file, and private key file.
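
The logon decision described above can be modelled as follows. This is an added example, not code from the product: the directory contents, the group name, the `ClientStore` layout, and the handling of a user outside the configured group are assumptions. Because a successful bind is treated as proof of identity, the model rejects empty passwords before binding, since a directory that permits RFC 4513 unauthenticated binds reports success for them.

```python
import hmac
from dataclasses import dataclass, field

# Constructed stand-in for the LDAP server and its group setup (assumptions).
DIRECTORY = {
    "alice": {"password": "s3cret", "groups": {"host-operators"}},
    "bob": {"password": "hunter2", "groups": {"printing"}},
}
CONFIGURED_GROUPS = {"host-operators"}  # hypothetical group name


def ldap_bind(user: str, password: str) -> bool:
    """Simulated simple bind. An empty password 'succeeds', as it does on a
    directory that permits RFC 4513 unauthenticated binds."""
    if password == "":
        return True  # bind succeeded, but no identity was proven
    entry = DIRECTORY.get(user)
    return entry is not None and hmac.compare_digest(
        entry["password"].encode(), password.encode())


@dataclass
class ClientStore:
    """Client-side certificate/key files per user (hypothetical layout)."""
    files: dict = field(default_factory=dict)

    def ensure_credentials(self, user: str) -> str:
        if user in self.files:
            return "existing"
        self.files[user] = ("<generated certificate>", "<generated key>")
        return "created"


def logon(ldap_enabled: bool, user: str, password: str, store: ClientStore):
    """Return (outcome, detail) for one logon attempt."""
    if not ldap_enabled:
        # Original behaviour: RMI over SSL with the user's existing files.
        # (Password and certificate validation by the host is not modelled.)
        return ("rmi-ssl", "existing") if user in store.files else ("denied", "no certificate")
    if not user or not password:
        return ("denied", "empty credentials")  # never hand an empty password to bind
    if not ldap_bind(user, password):
        return ("denied", "bind failed")
    if DIRECTORY[user]["groups"] & CONFIGURED_GROUPS:
        return ("rmi-ssl", store.ensure_credentials(user))
    # Assumption: a user outside the configured groups gets no files provisioned.
    return ("rmi-ssl", "existing") if user in store.files else ("denied", "no certificate")
```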