Active Directory Single Sign-On🔗

Eocortex supports the capability of logging into the system using Active Directory Pass-Through Authentication. This allows users to log into the Eocortex system through a domain user account without re-entering the login and password manually.

Note

This feature is available only for Enterprise and ULTRA licenses.

Warning

Single Sign-On through Active Directory is available only for servers running on Windows.

Usage

To log in to the system through Active Directory SSO, do the following:

  1. Run the Eocortex Client, Eocortex Configurator or Eocortex Standalone application.

  2. Select the /img/login-type-ad.png Active Directory account type.

    ../../_images/account-type-ad.png

  3. Select the user to log in at the bottom of the authorization window.

    ../../_images/connection-ad.png

Note

For Active Directory accounts, the user name is specified as: username@domain; where domain is the domain name, username is the name of the user in the domain.

Note

An Active Directory domain user, in order to be able to log into Eocortex, must be added by the system administrator to the Eocortex user list.

Adding Active Directory user

To add an Active Directory domain user (or entire group of users) to the system, do the following:

  1. Run the Eocortex Configurator application.

  2. Open the /config/svg/ico-tab-users.png Users page.

  3. Select the Users of Eocortex applications tab.

    ../../_images/app-users-ultra-new-user-ad-0.png

  4. Click the /config/users/svg/ico-user-add.png Add user button.

  5. In the window that opens, click the Change type to Active Directory user link.

    ../../_images/app-users-ultra-new-user-ad-1.png

  6. Type the username and password of the Active Directory account that has rights to search in Active Directory domain.

    ../../_images/app-users-ultra-new-user-ad-2.png

Find and select needed individual users or groups of users.

../../_images/app-users-ultra-new-user-ad-4.png

Note

When adding a group of Active Directory users to the system, the same access rights set in the system will apply to all users of this group.

Configuring access rights

Note

Active Directory Single Sign-On authorization is enabled by default only for the Senior administrators user group.

To enable Single Sign-On authorization for other users, do the following:

  1. Run the Eocortex Configurator application.

  2. Open the /config/svg/ico-tab-users.png Users page.

  3. Select the Users of Eocortex applications tab.

  4. Select a group of users to provide permissions to use Active Directory SSO and click the Edit button.

    ../../_images/config-users-groups.png

  5. Switch to the Basic tab of the window that opens.

  6. Enable the Single sign-on through Active Directory permission.

    ../../_images/ad-users-rights.png
Requirements

Warning

If an Eocortex system with Eocortex ULTRA licenses, consisting of server applications version 1.4 or earlier, and containing Active Directory users or groups, needs to be upgraded to version 1.5 or later, then before updating must be removed from configurations of all Active Directory users and groups, and after the update, re-add these users and groups. This is because the older versions configuration lacks the complete information required to authorize these users into the Eocortex system.

  • Eocortex Standalone and Eocortex Server require being running under the domain user.

  • For Eocortex Standalone, log in to the operating system under the domain user and run the application.

  • For Eocortex Server, set the domain user credentials to the Log On tab of the service properties.

    Note

    By default, Eocortex Server is launched under the LOCALSYSTEM user.

Related links

Autorun for Eocortex Client and Eocortex Standalone

Disabling Active Directory Single Sign-On button

Users of Eocortex applications (Enterprise and ULTRA licenses)