Manage Users with Active Directory

When Active Directory is configured and the user is identified as an “Is LDAP” user, EnterWorks will validate the user password using Active Directory authentication.

The use of LDAP versus secure LDAP (LDAPS) depends on system configuration.

The LDAP protocol and port choices may also differ between development, test, QA, staging, and production based on environmental and operational requirements.

Configuring the Active Directory

  1. Log into the Enable Classic UI as a user with Administrative privileges.
  2. Click on the Users and Group feature bar.
  3. Open Users and click on menu Utilities—>LDAP Configuration.

    LDAP Configuration

  4. Check the LDAP Enabled checkbox to enable Active Directory.
  5. Select Microsoft Active Directory as Provider.
  6. Do not change the Context, it will update automatically.
  7. Select SUBTREE_SCOPE option in the Search Scope dropdown list.
  8. Enter the LDAP Server Host according to the protocol used:
    • LDAP: <hostname>
    • LDAPS: ldaps://<hostname>
  9. Enter the LDAP Server Port. This can be the server’s port or the default value for the protocol used.
    • LDAP: the default port is 389.
    • LDAPS: the default port is 636.
  10. Optionally, enter Search Base using standard LDAP terms.
  11. Enter the full domain name for the User Context Search Base.
  12. Enter the short domain name for User Default Domain.
  13. Click Save.

Add an Active Directory User via Enable Classic UI

For information regarding adding an Active Directory user from the Enable Classic UI, contact your EnterWorks account representative.

Automatically Add an EnterWorks User from Active Directory

To automatically add a user from Active Directory, there must exist in EnterWorks a group whose name matches exactly the name of the Active Directory user’s group name.

When the user first logs on to EnterWorks, if the user is authenticated, EnterWorks will automatically add the user to the local database.

After the user has been added to the local system, any changes to the Active directory group membership will not be reflected in EnterWorks. You must manually move the user to the appropriate group in EnterWorks.

Change a Local User to an Active Directory User

To change a user’s authentication from local to Active Directory:

  1. Log into EnterWorks as an Administrator.
  2. Open the Users tab: open the Feature Sidebar, open the Administration tab, open the Users and Groups folder, and select Users.

    Open the Users Tab

  3. The Users tab will open. It displays a list of all the EnterWorks users.

    The Users Tab

  4. Double-click the user’s LDA attribute and set the attribute value to Yes. A status message will appear at the bottom of the window, announcing that the user’s account has been updated.