Authentication Group
Authentication groups
LDAP authentication group
An LDAP group is an organization within a directory. It is often characterized by the OU type.
Example: the LDAP Quality group has the unique identifier (Distinguished Name):
OU=Quality,OU=UNIVERSITE,OU=FRANCE,DC=fr,DC=mega,DC=com
All persons belonging to this organization belong to the LDAP group.
LDAP groups represent a list of persons distributed by organization. Users belonging to an LDAP group use configuration available on the group:
• HOPEX repository connection
• access to profiles
The LDAP group defines a group or organization in the LDAP directory or Active Directory. It contains a list of users authorized to connect to the application concerned with the group configuration.
SSO type authentication group
The SSO authentication process is characterized by claims. These claims include the groups or roles the user belongs to. These groups have a unique identifier that can be entered in the Authentication identifier attribute.
Example: the claim role "rCmp-WebAXDevRemoteRdpTier2@MEGA”
Defining an authentication group
Prerequisite: in case of LDAP authentication, the LDAP Server must be configured, see Configuring LDAP Authentication.
To define an authentication group:
1. Access the authentication group management pages.
2. In the edit area, in the Authentication groups tab, right-click Authentication groups folder and select New > Authentication group.
The authentication group creation window appears.
3. In the Name field, enter a name for the authentication group.
4. (LDAP authentication) In the LDAP server field, select your LDAP server.
5. In the Authentication identifier field:
• (LDAP authentication) enter the identifier of the group within the LDAP directory or Active Directory.
Example: OU=ResearchandDevelopment, OU=UNIVERSITE,OU=FRANCE,DC=fr,DC=mega,DC=com
• (SSO authentication) enter the identifier of the claim with which you want to map the authentication group.
Example: the claim role "rCmp-WebAXDevRemoteRdpTier2@MEGA”
6. Associate an HOPEX person group with the authentication group.