Active Directory Single Sign-On🔗
Eocortex supports the capability of logging into the system using Active Directory Pass-Through Authentication. This allows users to log into the Eocortex system through a domain user account without re-entering the login and password manually.
Note
This feature is available only for Enterprise and ULTRA licenses.
Warning
Single Sign-On through Active Directory is available only for servers running on Windows.
Usage
To log in to the system through Active Directory SSO, do the following:
Run the Eocortex Client, Eocortex Configurator or Eocortex Standalone application.
Select the Active Directory account type.
Select the user to log in at the bottom of the authorization window.
Note
For Active Directory accounts, the user name is specified as: username@domain; where domain is the domain name, username is the name of the user in the domain.
Note
An Active Directory domain user, in order to be able to log into Eocortex, must be added by the system administrator to the Eocortex user list.
Adding Active Directory user
To add an Active Directory domain user (or entire group of users) to the system, do the following:
Run the Eocortex Configurator application.
Open the Users page.
Select the Users of Eocortex applications tab.
Click the Add user button.
In the window that opens, click the Change type to Active Directory user link.
Type the username and password of the Active Directory account that has rights to search in Active Directory domain.
Find and select needed individual users or groups of users.
Note
When adding a group of Active Directory users to the system, the same access rights set in the system will apply to all users of this group.
Configuring access rights
Note
Active Directory Single Sign-On authorization is enabled by default only for the Senior administrators user group.
To enable Single Sign-On authorization for other users, do the following:
Run the Eocortex Configurator application.
Open the Users page.
Select the Users of Eocortex applications tab.
Select a group of users to provide permissions to use Active Directory SSO and click the Edit button.
Switch to the Basic tab of the window that opens.
Enable the Single sign-on through Active Directory permission.
Note
If a user belongs to two Active Directory groups at the same time, access rights will be assigned according to the group that is higher in the group list.
Requirements
Warning
If an Eocortex system with Eocortex ULTRA licenses, consisting of server applications version 1.4 or earlier, and containing Active Directory users or groups, needs to be upgraded to version 1.5 or later, then before updating must be removed from configurations of all Active Directory users and groups, and after the update, re-add these users and groups. This is because the older versions configuration lacks the complete information required to authorize these users into the Eocortex system.
Eocortex Standalone and Eocortex Server require being running under the domain user.
For Eocortex Standalone, log in to the operating system under the domain user and run the application.
For Eocortex Server, set the domain user credentials to the Log On tab of the service properties.
Note
By default, Eocortex Server is launched under the LOCALSYSTEM user.