SunSystems can be configured to use different authentication methods as explained below, however database security is always based on Windows authentication. Consequently, for any implementation other than a standalone installation, a domain is required, which allows servers and clients to correctly authenticate with the database server.
|Standard||Basic level of security. SunSystems Security maintains users and associated passwords.|
|Windows||Windows credentials entered during operating system sign-in are passed straight through to SunSystems. These are mapped to a specific SunSystems User to determine the identity of the user submitting the login request. The SunSystems User never sees a login dialog.|
|LDAP compliant Directory Service||An LDAP compliant directory service is used to authenticate login request. These are mapped to a specific SunSystems User to determine the identity of the login requester.|
It is possible to mix the authentication methods described above. If a Windows mapping is found, this will always take precedence.
The Authentication tab of the Security Policy dialog enables you to select:
- Enable Windows Authentication - Windows credentials entered during operating system log in are passed through to User Manager.
- Enable Standard Authentication - Basic level of security. User credentials are validated when User Manager is used.
- Force all users to change password at next login - This applies to Standard Authentication only. Click to implement this setting. A message is displayed in order for you to confirm this action. Once this has been set, you can unset it for individual users by using the function.
If you wish to use an LDAP compliant Directory Service, the check boxes on this tab should be left blank and your settings entered via Directory Service Configuration.
See the SunSystems Multitier Installation Guide for SunSystems 6.3 for more detailed information about system security.