Authentication

SunSystems can be configured to use different authentication methods as explained below, however database security is always based on Windows authentication. Consequently, for any implementation other than a standalone installation, a domain is required, which allows servers and clients to correctly authenticate with the database server.

Note: A SunSystems user is always required before accessing SunSystems functions, and all internal security access constraints are based on this account.
Authentication Method Features
Standard Basic level of security. SunSystems Security maintains users and associated passwords.
Windows Windows credentials entered during operating system sign-in are passed straight through to SunSystems. These are mapped to a specific SunSystems User to determine the identity of the user submitting the login request. The SunSystems User never sees a login dialog.
LDAP compliant Directory Service An LDAP compliant directory service is used to authenticate login request. These are mapped to a specific SunSystems User to determine the identity of the login requester.

It is possible to mix the authentication methods described above. If a Windows mapping is found, this will always take precedence.

The Authentication tab of the Security Policy dialog enables you to select:

  • Enable Windows Authentication - Windows credentials entered during operating system log in are passed through to User Manager.
  • Enable Standard Authentication - Basic level of security. User credentials are validated when User Manager is used.
  • Force all users to change password at next login - This applies to Standard Authentication only. Click Apply to implement this setting. A message is displayed in order for you to confirm this action. Once this has been set, you can unset it for individual users by using the Edit User function.

If you wish to use an LDAP compliant Directory Service, the check boxes on this tab should be left blank and your settings entered via Directory Service Configuration.

Note: At least one of the authentication modes must be selected, otherwise no users will be able to use the system.

See the SunSystems Multitier Installation Guide for more detailed information about system security.