Authentication Reference
This appendix is meant to supplement the information in the Managing Authentication section.
Jenzabar-ICSNET-Flags
When troubleshooting authentication, you may at times want to review a user’s details in AD LDS or ADAM. When doing this, you can check the Jenzabar-ICSNET-Flags bitmask to see how the system is authenticating the user. In general, we do not recommend manually changing the value of Jenzabar-ICSNET-Flags, but details are included here so you can understand what the values mean.
The system uses Jenzabar-ICSNET-Flags for a couple of different object types, but this section considers its behavior as applied to a PortalUser only. (“PortalUser” is a designation used in AD LDS or ADAM for each user account—regardless of whether it is an ERP account or a portal-only account.)
Bitmasks such as Jenzabar-ICSNET-Flags are decimal representations of binary values. When applied to a PortalUser, Jenzabar-ICSNET-Flags indicates a couple of things, including whether or not the user will be externally authenticated. The flags and their possible values are described in the following table.
Position | Text value | Decimal value | Notes |
---|---|---|---|
0 | FLAG_HIDE_FROM_CAMPUS_DIRECTORY | 1 | Indicates that the user de- selected the Show me in campus directory option in the My profile and settings feature. |
1 | FLAG_ADMIN_HIDE_FROM_CAMPUS_DIRECTORY | 2 | Indicates that the user was hidden from the Campus Directory by an administrator. |
2 | FLAG_HIDE_MIDDLE_NAME | 4 | Indicates that the user selected the Hide Middle Name option in the My profile and settings feature. |
3 | FLAG_BYPASS_EXTERNAL_AUTHENTICATION | 8 | Indicates that the user is internally authenticated. |
4 | FLAG_HAS_LOGGED_IN | 16 | Indicates whether the user has ever logged in to JICS. (However, this flag was created in 7.0, so if the user logged in for the first time in a 6.4 system, or earlier, this flag will never be set for that person.) |
The following examples explain the meaning of a few common values for Jenzabar-ICSNET-Flags:
8 – The user is set up to be internally authenticated (8), and does not hide any personal data.
16 – The user has logged in to JICS at least once (16), is externally authenticated and does not hide any personal data.
17 – The user has logged in to JICS at least once (16), is externally authenticated, wants to be hidden in the Campus Directory (1) and has nothing else hidden.
24 – The user has logged in to JICS at least once (16), is internally authenticated (8) and does not hide any personal data.
29 – The user has logged in to JICS at least once (16), is internally authenticated (8), hides their middle name (4) and is hidden from the Campus Directory (1).
Note the following:
For users that exist in the ERP system, whether or not the user is internally authenticated is determined by the DIS. For that reason, if you make a change to how role is authenticated using your ERP system, you will not see your change reflected by the Jenzabar-ICSNET-Flags value until after the DIS runs.
For portal-only users, the value of Jenzabar-ICSNET-Flags is essentially set as soon as you make changes in the JICS UI.
For both of the above, you have to refresh ADSI Edit before you will see evidence of any changes reflected in the Jenzabar-ICSNET-Flags value.
In previous releases, the jenzabar-ICSNET-GenericFlags bitmask could easily be used to temporarily override the external/internal authentication flag set in Jenzabar-ICSNET-Flags. However, because of recent changes in JICS, this is no longer the case in the default setup.