This configuration option uses the Windows
user store (domain or workgroup) to authenticate users.
For authorization, you can configure either to use the Windows user store or LDAP.
If required, the system reads the user and role attributes from the LDAP server.
Complete one of the following substeps.
-
If the system
uses the Windows user store for authentication and authorization,
complete the following substeps to determine the assignment of users
to roles from Windows.
- Enable Windows authentication. See Enable Windows authentication for more information.
- From the %Composerdir% directory, open UserRepository.config with a text editor that supports UTF-8.
-
Set
the profileReadOption attribute value to either All, Role, None,
or User.
<userRepository systemOId="cc" roleMapper="Std_Mapping" userProfile="Std_Profil" profileReadOption="None" userStore="Windows" />
- Save and close the file.
-
If the system
uses the Windows user store for authentication and the LDAP server
for authorization, complete the following substeps to determine
the assignment of users to roles from LDAP.
Note: The configuration file UserRepository_Ldap.config contains the LDAP server-specific settings. Modify this file before enabling LDAP authorization.
- Maintain the user and group assignment in LDAP.
- From the %Composerdir% directory, open Composer.Core.exe.config with a text editor that supports UTF-8.
-
If
the <serviceCredentials> element exists in the
file, remove the element or comment it out.
Example
<behavior name="STSBehaviour"> <!-- <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ModusSuite.Runtime.STS.LdapUserNamePasswordValidator, ModusSuite.Runtime.STSRuntimeService" /> </serviceCredentials> --> </behavior>
- Save and close the file.
- From the %Composerdir% directory, open UserRepository.config with a text editor that supports UTF-8.
- Set the userStore attribute value to LDAP.
-
Set
the profileReadOption attribute value to either All, Role, None,
or User.
Example
<userRepository systemOId="cc" roleMapper="Std_Mapping" userProfile="Std_Profil" profileReadOption="None" userStore="LDAP" />
- Save and close the file.