Defining LDAP access

With Lightweight Directory Access Protocol (LDAP) access, users can log on to CAS genesisWorld Web or the mobile apps via Active Directory from outside the intranet.

The Define LDAP access option in the More options drop-down list opens the Configure the Application Server for access to the LDAP server window.

LDAP access for publicly accessible application servers

You may want the application server to be accessible from outside, for example, if you want people to be able to access CAS genesisWorld Web. The application server is then located in front of the firewall and the CAS genesisWorld Web port is opened.

You can only log on to this public application server with Windows authentication if Active Directory is accessed via LDAP. To do so, LDAP access must be set up in the User management area.

The LDAP user should be a Windows domain user. A domain administrator is not needed. The domain user requires the right to query LDAP in the Windows domain, that is, to access the Active Directory.
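One way to confirm that the LDAP account is an ordinary domain user without privileged group memberships, as an added example (not CAS genesisWorld code). It assumes the ActiveDirectory PowerShell module is installed; the function name and the account name `svc-cas-ldap` are placeholders.

```powershell
# Added example, not CAS genesisWorld code. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Test-LdapAccountPrivilege {   # hypothetical helper name
    param([Parameter(Mandatory)] [string] $SamAccountName)

    # Privileged groups are matched by SID so the check also works on localized domains.
    # RIDs 512/518/519 = Domain Admins / Schema Admins / Enterprise Admins.
    $domainRids  = '^S-1-5-21-.*-(512|518|519)$'
    # Administrators, Account Operators, Server Operators, Backup Operators.
    $builtinSids = 'S-1-5-32-544', 'S-1-5-32-548', 'S-1-5-32-549', 'S-1-5-32-551'

    $user = Get-ADUser -Identity $SamAccountName -Properties PrimaryGroup, adminCount

    # Escape characters that are special inside an LDAP filter value.
    $dn = $user.DistinguishedName -replace '\\', '\5c' -replace '\*', '\2a' `
                                  -replace '\(', '\28' -replace '\)', '\29'

    # LDAP_MATCHING_RULE_IN_CHAIN (OID 1.2.840.113556.1.4.1941) returns every group
    # that contains the user directly or through nested groups. Only the current
    # domain is searched; groups in other domains of the forest are not covered.
    $groups = @(Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)")

    # The primary group is not stored in the 'member' attribute, so add it separately.
    $groups += Get-ADGroup -Identity $user.PrimaryGroup

    $hits = @($groups | Where-Object {
        $_.SID.Value -match $domainRids -or $builtinSids -contains $_.SID.Value
    } | Select-Object -ExpandProperty Name -Unique)

    [pscustomobject]@{
        Account          = $user.SamAccountName
        Enabled          = $user.Enabled
        AdminCount       = $user.adminCount   # 1 = is or was in a protected group
        PrivilegedGroups = $hits
        LeastPrivilege   = ($hits.Count -eq 0)
    }
}

# Placeholder account name; replace with the domain user configured for LDAP access.
Test-LdapAccountPrivilege -SamAccountName 'svc-cas-ldap'
```

`LeastPrivilege` should be `True` and `PrivilegedGroups` empty for an account that only needs to query the directory.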

You have the following options to provide the Windows authentication for a public application server via LDAP:

Authentication via LDAP is also possible when replication is used. However, the settings for LDAP access are not replicated. Therefore, LDAP access must be set up on each laptop application server used for replication.

If a laptop is offline, logging on to CAS genesisWorld can be done using the Windows logon data with SID (Security Identifier) ntuser or the hash value.

A Windows account can be locked after several incorrect entries. The different ways of logging on are checked in a certain order so that the lock is not triggered for technical reasons.