How can we help?

Authentication Settings

You are here:
< All Topics

Overview

This feature allows configuration of complex passwords within DataXchange as well as offering integration with an LDAP server or Active Directory. More information on managing users can be found here.

You can access this feature on the Manage tab → Settings → Application → Authentication.

DataXchange offers a few methods for authentication. The DataXchange database, and LDAP either using an LDAP directory server or LDAP using Microsoft Active Directory.

DataXchange authentication is Enabled by default. LDAP authentication is Disabled by default.

Note: each authentication type can be disabled or enabled. Both can be Enabled, but both cannot be Disabled.

The Authentication Form is used to configure DataXchange and LDAP authentication settings.

DataXchange: If Enabled, this will allow you to set requirements when creating a password as well as rules for password resets. Authentication is done through the DataXchange database.

SettingDescription
Numbers0-9. The amount of numbers required in the password.
Upper Case LettersA-Z. The number of upper-case letters required in the password.
Lower Case Lettersa-z. The number of lower-case letters required in the password.
Non-AlphanumericThe number of non-alphanumeric characters required in the password.The following special characters can be used in the password.! @ # $ % ^ & * ( ) - + = [ ] 
Minimum LengthThe minimum length a password must be to meet the requirements. Default is 5, maximum characters allowed is 25.
ExpirationIf Enabled, this will expire a password in a chosen amount of time in which the user will need to create a new password. Default is 90 days.
Recent DisallowedIf Enabled, then the amount of Previous Passwords that cannot be used must be specified.

LDAP

LDAP is disabled by default. If enabled, this will allow you to use an LDAP server for authentication. The LDAP integration will search for users in the main OU (Organizational Unit).  If there are any child OUs based off that parent, those will be searched as well.

*Current versions of LDAP supported are v3 or greater.

There are some fields that are required when using the LDAP option for authentication.

SettingDescription
LDAPEnabled or Disabled. Disabled by default.
Server (required)The name of the LDAP server.
Port (required)The port number the LDAP server will be using for authentication.
User DN (required)The Distinguished Name path where users exist.
User Group DNThe Distinguished Name path where user groups exist. Required to sync LDAP groups with DataXchange.
SSLDisabled by default. When Enabled, this will allow Secure Socket Layer to be used with LDAP.
Active DirectoryDisabled by default. When Enabled, this will allow authentication from Microsoft Active Directory. There are two options for the search property:
SAM Account Name - SAM Account Name is the legacy user login name format of DomainName\UserName which was used on earlier versions of Windows. The SAM format is still commonly used today.
User Principal Name - The User Principal Name is in the format of UserName@DomainName.com which is an internet style format.
Auto Add to DXDisabled by default. When Enabled, this will automatically add a user to DataXchange if the user authenticated successfully with LDAP. If this setting is disabled, the LDAP username MUST pre-exist in DataXchange.
Table of Contents