This chapter describes the steps required for setting the authentication method to either the NT or LDAP authentication method.

 

1. Create a group to UMS (Note that the same group does not have to exist in NT/LDAP).

2. For this group, select the appropriate access rights settings for each QPR product.

3. Next you must enable NT/LDAP authentication by selecting the Windows NT and/or LDAP options in the "Authentication method" sub-section of the QPR Foundation Server / General section in the QPR Configuration Manager.

4. Restart UMS Server if it was running while you were changing settings

 

You can also define a default user group to UMS for Windows NT/LDAP users. By using this option it's possible to authenticate users easily, using product permissions defined to the default user group in UMS.

 

A group can be made the default group in the following way:

•Open the QPR Configuration Manager utility

•Go to the QPR Foundation Server / General section.

•Select "UMS Only" in the "User Group" sub-section

•Insert the new group's name into the Default User Group field in the "User group" sub-section.

 

•If the default group is used, users are created into the default group when the following preconditions are met:

1. User does not exist in UMS  

 - NT/LDAP login is successful

 - The default group has enough rights to the product the user is logging into

2. User exists in UMS  

 - NT/LDAP login is successful

 - User uses group rights

 - User does not belong to any group

 

Note: Users can be members of multiple UMS groups:

•You can define only one default group for all users

•User rights override group rights

•Stronger group rights override weaker group rights

 

See also the "Adding Generic Single Sign-On Authorized Users to QPR User Management System" section in the Using Single Sign-On with QPR Products topic.