Windows authentication can be enabled or disabled whether or not Windows groups have been selected in the Windows Authentication window.
|
Enable/disable Window Authentication |
|
|
Windows Authentication guidelines. |
Enable/Disable Windows Authentication
When a user logs into CIMPLICITY, the following occurs when Allow Auto Login and/or Enable Windows Authentication are checked or clear.
|
Allow |
Enable |
Result |
|
Check |
Check |
If the Windows user is a member of a selected group, CIMPLICITY will
|
|
Clear |
Check |
If the Windows user is a member of a selected group, CIMPLICITY will
|
|
NA |
Clear |
Windows authentication and auto login are not allowed. |
Windows Authentication Guidelines
When a user
Attempts to log into CIMPLICITY,
if the Windows user name/password are not valid or CIMPLICITY does
not find the user in any of the groups, the user is denied
CIMPLICITY access.
Logs into CIMPLICITY for the
first time using Windows authentication, that user is automatically
added to CIMPLICITY's list of users
Is listed in the CIMPLICITY list,
user specifications can be modified the same way as for any other
user.
When the new Windows
Authentication module tries to validate a user with auto log in, If
Windows Authentication does not have a valid user/password to use
to query the domain controller, it uses the current user that the
process is running under.
On a default installation Windows authentication runs as a system user; depending on how the domain is set up there is a good chance that the system user will not have the ability to query the domain.
To make sure Windows authentication can query the domain:
Open the Services control panel
Make the CIMPLICITY HMI service run under a domain account that has privileges to query the domain.
|
|
Windows authentication configuration. |
Important: