Authentication

Password and Authentication Overview

This feature will allow creation of complex passwords within DataXchange as well as offering integration with an LDAP server or Active Directory.

You can access this feature on the Manage tab => Application (drop down)=> and choose Authentication.

DataXchange offers a few methods for authentication. The DataXchange database, and LDAP either using an LDAP directory server or LDAP using Microsoft Active Directory.

DataXchange authentication is Enabled by default. LDAP authentication is Disabled by default.

*Keep in mind that each authentication type can be disabled or enabled. Both can be Enabled, but both cannot be Disabled.

The Authentication Form is used to configure DataXchange and LDAP authentication settings.

DataXchange: If Enabled, this will allow you to set requirements when creating a password as well as rules for password resets. Authentication is done through the DataXchange database.

Explanation of fields:

Numbers	0-9. The amount of numbers required in the password.
Upper Case Letters	A-Z. The number of upper-case letters required in the password.
Lower Case Letters	a-z. The number of lower-case letters required in the password.
Non-Alphanumeric	The number of non-alphanumeric characters required in the password. The following special characters can be used in the password. ! @ # $ % ^ & * ( ) - + = [ ]
Minimum Length	The minimum length a password must be to meet the requirements. Default is 5, maximum characters allowed is 25.
Expiration	If Enabled, this will expire a password in a chosen amount of time in which the user will need to create a new password. Default is 90 days.
Recent Disallowed	If Enabled, then the amount of Previous Passwords that cannot be used must be specified.

LDAP: Disabled by default. If Enabled, this will allow you to use an LDAP server for authentication.

*Current versions of LDAP supported are v3 or greater.

There are some fields that are required when using the LDAP option for authentication.

LDAP	Enabled or Disabled. Disabled by default.
Server (required)	The name of the LDAP server.
Port (required)	The port number the LDAP server will be using for authentication.
User DN (required)	The Distinguished Name path where users exist.
SSL	Disabled by default. When Enabled, this will allow Secure Socket Layer to be used with LDAP.
Active Directory	Disabled by default. When Enabled, this will allow authentication from Microsoft Active Directory. There are two options for the search property. SAM Account Name - SAM Account Name is the legacy user login name format of DomainName\UserName which was used on earlier versions of Windows. The SAM format is still commonly used today. User Principal Name - The User Principal Name is in the format of UserName@DomainName.com which is an internet style format.
Auto Add to DX	Disabled by default. When Enabled, this will automatically add a user to DataXchange if the user authenticated successfully with LDAP. If this setting is disabled, the LDAP username MUST pre-exist in DataXchange.

Please follow this link for more information on Managing Users.