Users use their credentials to activate inSync Client and log on to inSync Web. When you create a profile, you can choose to authenticate users by using their Active Directory (AD) or LDAP credentials or their inSync credentials.
When you choose to use AD/LDAP credentials
Users must type their AD/LDAP user ID and password for authentication
When you choose to user inSync
Users must type the password that inSync assigns for their user account.
Note: Authenticating users through an AD/LDAP helps reduce the time and effort that you require to manage user accounts.
Dos and Don’ts for configuring the authentication method for users
- You can change the authentication method for users from inSync Password to AD/LDAP Account.
- For integrated mass deployment, you must configure your AD for user authentication. Integrated mass deployment only works if your organization uses AD for user authentication.
- Do not change the authentication method for users from AD/LDAP Account to inSync Password. The user authentication fails and you have to reset the password for all the users of that profile.
- Do not use AD/LDAP authentication for users created on inSync Master. Authentication fails because, during inSync Client activation, inSync Master does not find their details in your AD/LDAP.
To enable user authentication using an AD/LDAP for an existing profile
- On the inSync Master Management Console menu bar, click Profiles.
- Select the profile for which you want to change the authentication method.
- Click the General tab click Edit. The Edit Profile window appears.
- Under User Privacy & Access > Access Policy > Login using list, click AD/LDAP Account.
- From the Select AD/LDAP Server list, select the host IP / FQDN of the server on which your AD/LDAP is installed.
- Click Save.