Enabling the LDAP User-Defined Logon

To use the LDAP User-Defined Logon functionality, you must follow these steps:

Rename the existing @UserDefinedLogon function:

  1. On the main PROIV screen, select the Tools tab.

  2. Click the General Tools tab on the left.

  3. Click the Copy, Rename, Delete, Promote icon under the General Tools section.

  4. The Main Object Utilities window displays.

  5. Select the Rename option from the Action section.

  6. Enter @UserDefinedLogon in the Selected Object field.

  7. Enter a new name for the function in the To field.

  8. Click Rename.

Rename or copy @UserDefinedLogonLDAP to @UserDefinedLogon:

  1. On the Main Object Utilities window, select the Rename (or Copy) option from the Action section.

  2. Enter @UserDefinedLogonLDAP in the Selected Object field.

  3. Enter @UserDefinedLogon in the To field.

  4. Click Rename (or Copy).

To enable the LDAP User-Defined Logon window for use during the logon process:

  1. Select Admin from the Developer menu.

  2. On the Project Administration window, select the Tools tab.

  3. Click the User-Defined Logon icon from the Utilities section.

  4. The User-Defined Logon Configuration window appears.

  5. On the General tab, select the Enable the User-Defined Logon Screen check box.

  6. Click OK to close the User-Defined Logon Configuration window.

  7. The @UserDefinedLogon Screen function with LDAP authentication is now used during the logon process.

Item

Description

General Tab

Enable the User-Defined Logon Screen

Select the check box to display the User-Defined Logon window at logon instead of the PROIV Logon window.

If you want to use the example LDAP authentication functionality, you must rename the @UserDefinedLogon function, and then rename or copy @UserDefinedLogonLDAP to @UserDefinedLogon to ensure that the LDAP User-Defined Logon window is used at logon.

If you want to use your bespoke logon screen without the LDAP authentication, select the check box and your User-Defined Logon window appears at logon.

Enable PROIV Password Validation

Select the check box to turn on PROIV password validation during the logon process. This checks the password held against the PROIV Logon ID. If the validation is successful, the logon occurs; if it is invalid, an error message appears.

LDAP Tab

LDAP Server Connection and Authentication

This section enables you to configure and test the LDAP server connection details, set up the authentication type and enable automatic logon if user name mappings are unique.

URL

Enter the LDAP server connection string details. This is the URL where the LDAP server is located.

A250 - Non-Mandatory

Authentication Type

Select the LDAP authentication type. The options in the drop-down list are:

simple - Uses weak authentication (clear-text password)

none - Uses no authentication (anonymous)

Other authentication types are available; you can enter them in the field and they are supported.

Test Authentication

Click to test the LDAP authentication details. The Test LDAP Authentication window appears. Enter the LDAP user name and password you want to authenticate and click Test. A connection is attempted to the LDAP server configured in the URL field and a message appears indicating a successful or unsuccessful connection. For example, a successful connection is confirmed with a 'The LDAP server connection has been successfully made and authenticated.' message. An unsuccessful logon attempt is reported with a 'The LDAP server connection or authentication has failed' message, accompanied by any error messages passed through the SSO from the LDAP server.

Automatic Logon if the Mapping is Unique

Select the check box to ensure that when there is one Co/Div (Company and Division) and PROIV User ID mapped to an LDAP user name, automatic logon occurs and the Select the PROIV User window is not displayed.

If you want to run the LDAP User-Defined Logon on green screen terminals, you must select the check box and ensure that there is only one PROIV user per LDAP user, because the Select the PROIV User window is not available in green screen.
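A check of the URL and Authentication Type values described above, added here as an example and not part of PROIV: it flags a simple bind that would cross the network unencrypted and an anonymous bind. The function name, the severity labels and the assumption that the URL field accepts an ldaps:// address are illustrative.

```python
from urllib.parse import urlsplit

# Options listed in the Authentication Type drop-down on this page.
LISTED_AUTH_TYPES = {"simple", "none"}


def audit_ldap_settings(url, auth_type):
    """Return a list of (severity, message) findings for one LDAP tab configuration."""
    findings = []
    url = (url or "").strip()
    auth = (auth_type or "").strip().lower()

    if not url:
        # The URL field is non-mandatory, so it can be saved empty.
        findings.append(("high", "URL is empty: no LDAP server is configured"))
        return findings
    if len(url) > 250:
        findings.append(("low", "URL is longer than the 250-character field"))

    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    # Assumption: the field accepts ldap:// and ldaps:// (LDAP over TLS) URLs.
    if scheme not in ("ldap", "ldaps"):
        findings.append(("high", f"unexpected URL scheme {scheme!r}"))
    if not parts.hostname:
        findings.append(("high", "URL has no host name"))

    if auth == "none":
        # An anonymous bind sends no credentials for the server to verify.
        findings.append(("high", "anonymous bind: the LDAP server checks no password"))
    elif auth == "simple":
        if scheme != "ldaps":
            findings.append(("high", "simple bind without ldaps://: "
                             "the password is sent in clear text"))
    elif auth not in LISTED_AUTH_TYPES:
        # The field accepts other types; they need a manual review.
        findings.append(("info", f"authentication type {auth!r} is not a listed "
                         "option: confirm the LDAP server supports it"))
    return findings
```

An empty result means none of these checks fired; it does not prove the connection itself works, which is what Test Authentication is for.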

Mappings Tab

Mappings of LDAP to PROIV Users

This section enables the creation, amendment and deletion of mappings between LDAP users, Co/Divs and PROIV User IDs. The columns can be sorted by clicking on the appropriate header.

LDAP User

Displays the name of the LDAP user.

Co Div

Displays the Co/Div name.

PROIV User

Displays the name of the PROIV user.

Add

Click to display the Add a new LDAP to PROIV user mapping window. Enter the LDAP user name in the LDAP Username field, select the appropriate Company and Division from the Co/Div drop-down list and select the appropriate User ID from the PROIV User ID drop-down list.

Delete

Select the appropriate mapping and click Delete to delete the mapping.

Modify

Select the appropriate mapping and click Modify to change the mapping details.

OK

Click OK to close the User-Defined Logon Configuration window.
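The mapping rules above, modelled as an added example that is not PROIV code: it lists LDAP users mapped to more than one Co/Div and PROIV User ID, and shows which logon outcome each case leads to. The function names, the sample rows, exact-match comparison of LDAP user names and the refusal of an unmapped user are assumptions.

```python
from collections import defaultdict

# Constructed sample rows: (LDAP User, Co Div, PROIV User).
SAMPLE_MAPPINGS = [
    ("asmith", "01/001", "ALICE"),
    ("bjones", "01/001", "BOB"),
    ("bjones", "02/001", "BOBADMIN"),
    ("asmith", "01/001", "ALICE"),  # repeated row, same target
]


def ambiguous_ldap_users(mappings):
    """Return {ldap_user: [(co_div, proiv_user), ...]} for users with >1 distinct target."""
    targets = defaultdict(set)
    for ldap_user, co_div, proiv_user in mappings:
        targets[ldap_user.strip()].add((co_div.strip(), proiv_user.strip()))
    return {u: sorted(t) for u, t in targets.items() if len(t) > 1}


def resolve_logon(mappings, ldap_user, auto_logon_if_unique, green_screen=False):
    """Model the step after LDAP authentication succeeds.

    Returns ("logon", target), ("select", candidates) or ("deny", reason).
    """
    candidates = sorted({(c.strip(), p.strip())
                         for u, c, p in mappings if u.strip() == ldap_user})
    if not candidates:
        # Assumption: a user with no mapping cannot log on.
        return ("deny", "no PROIV user is mapped to this LDAP user")
    if len(candidates) == 1 and auto_logon_if_unique:
        return ("logon", candidates[0])
    if green_screen:
        # The Select the PROIV User window is not available in green screen.
        return ("deny", "selection window is not available in green screen")
    return ("select", candidates)
```

Running `ambiguous_ldap_users` over an export of the Mappings tab before enabling green screen access shows which LDAP users would fail to log on there, and which LDAP identities can reach more than one PROIV user.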

Topic ID: 700040