About authenticating users
During profile creation, you can choose a method to authenticate users. Users will use the password to activate inSync client and log on to inSync Web. You can choose between Active Directory password and inSync password. inSync password is the password assigned by inSync. Active Directory password is AD user ID and password. Authenticating users through an AD helps reduce the effort required to manage user accounts.
Dos and Don’ts of configuring authentication method for users
|You can change authentication method for users from inSync Password to Active Directory.||Do not change authentication method for users from Active Directory to inSync Password. This is because, user authentication will fail and you will have to reset password of all the users of that profile.|
|For integrated mass deployment, you must configure Active Directory for user authentication. This is because, integrated mass deployment only works if your organization uses AD for user authentication.||If you are using integrated mass deployment process, do not change the authentication method for users from Active Directory to inSync Password. This is because authentication will fail as inSync server will not find their details in AD during inSync client activation.|
|You can configure inSync Password authentication for users that you are importing from AD. In this case, do not use integrated mass deployment process to deploy inSync clients.||Do not configure Active Directory authentication for users created on the inSync server. This is because authentication will fail as inSync server will not find their details in AD during inSync client activation.|
To enable user authentication using an AD for an existing profile
- On the menu bar, click Manage > Profiles.
- Select the profile whose access policy you want to change.
- Under the Backup Policies tab, in the Retention and Access Policies area, click Edit. The Edit Profile window appears.
- Under Access Policies, from Login using drop-down, select Active Directory.
- Specify the AD host IP/FQDN of the server on which the AD is installed.
- Specify the port required to access AD. The port number for a domain controller is: 636 for secure and 389 for non-secure connection. The port number for a global catalog server is: 3289 for secure and 3268 for non-secure connection.
- Select if you want to access AD on a secure connection.
- Click Save.