How can we help?
This feature allows configuration of complex passwords within DataXchange as well as offering integration with an LDAP server or Active Directory. More information on managing users can be found here.
You can access this feature on the Manage tab → Settings → Application → Authentication.
DataXchange offers a few methods for authentication. The DataXchange database, and LDAP either using an LDAP directory server or LDAP using Microsoft Active Directory.
DataXchange authentication is Enabled by default. LDAP authentication is Disabled by default.
Note: each authentication type can be disabled or enabled. Both can be Enabled, but both cannot be Disabled.
The Authentication Form is used to configure DataXchange and LDAP authentication settings.
DataXchange: If Enabled, this will allow you to set requirements when creating a password as well as rules for password resets. Authentication is done through the DataXchange database.
|Numbers||0-9. The amount of numbers required in the password.|
|Upper Case Letters||A-Z. The number of upper-case letters required in the password.|
|Lower Case Letters||a-z. The number of lower-case letters required in the password.|
|Non-Alphanumeric||The number of non-alphanumeric characters required in the password.The following special characters can be used in the password.! @ # $ % ^ & * ( ) - + = [ ]|
|Minimum Length||The minimum length a password must be to meet the requirements. Default is 5, maximum characters allowed is 25.|
|Expiration||If Enabled, this will expire a password in a chosen amount of time in which the user will need to create a new password. Default is 90 days.|
|Recent Disallowed||If Enabled, then the amount of Previous Passwords that cannot be used must be specified.|
LDAP is disabled by default. If enabled, this will allow you to use an LDAP server for authentication. The LDAP integration will search for users in the main OU (Organizational Unit). If there are any child OUs based off that parent, those will be searched as well.
*Current versions of LDAP supported are v3 or greater.
There are some fields that are required when using the LDAP option for authentication.
|LDAP||Enabled or Disabled. Disabled by default.|
|Server (required)||The name of the LDAP server.|
|Port (required)||The port number the LDAP server will be using for authentication.|
|User DN (required)||The Distinguished Name path where users exist.|
|User Group DN||The Distinguished Name path where user groups exist. Required to sync LDAP groups with DataXchange.|
|SSL||Disabled by default. When Enabled, this will allow Secure Socket Layer to be used with LDAP.|
|Active Directory||Disabled by default. When Enabled, this will allow authentication from Microsoft Active Directory. There are two options for the search property:
SAM Account Name - SAM Account Name is the legacy user login name format of DomainName\UserName which was used on earlier versions of Windows. The SAM format is still commonly used today.
User Principal Name - The User Principal Name is in the format of UserName@DomainName.com which is an internet style format.
|Auto Add to DX||Disabled by default. When Enabled, this will automatically add a user to DataXchange if the user authenticated successfully with LDAP. If this setting is disabled, the LDAP username MUST pre-exist in DataXchange.|