The user name MUST be a valid Windows domain user, but it can be a user that is different than the one currently logged into the machine.
Using integrated authentication with a login prompt provides tighter security. When the J1 user accesses J1 Desktop in this mode (integrated_loginprompt), instead of silently logging into the application using the user's Windows credentials, a login window appears.
|
The user name MUST be a valid Windows domain user, but it can be a user that is different than the one currently logged into the machine. |
To use integration authentication and synchronize J1 users and groups:
· Create an Organizational Unit (OU) in your Active Directory to be used solely for the purpose of specifying J1 Desktop application users, application groups, and membership of those users in application groups. Outside the initial implementation steps, J1 Desktop application users, J1 Desktop application groups, and group membership can be added in Active Directory and a Jenzabar-provided SQL Server Agent job will synchronize them to the APP_USER, APP_GROUP, and GROUP_MEMBERSHIP tables in the J1 database with the information in Active Directory.
· Use J1 Security and Permissions (Tasklist) to manage function permissions for each group. These group function permissions are not contained or maintained in Active Directory; therefore, the J1 Security and Permissions (Tasklist) module must be used to maintain that information.
To use integration authentication and synchronize just J1 Desktop users (available for 6.5.6 and 7.2.0 or higher schools only):
· Create an OU in your Active Directory to be used solely for the purpose of specifying J1 Desktop application users. Outside the initial implementation steps, J1 Desktop application users can be added in Active Directory and a Jenzabar-provided SQL Server Agent job will synchronize them to the APP_USER table in the J1 database with the information in Active Directory.
· Use the J1 Security and Permissions (Tasklist) module to manage the J1 group security memberships and permissions for each group. These permissions are not contained or maintained in Active Directory; therefore, the J1 Security and Permissions (Tasklist) module must be used.