2.2.2 Authentication linked to a directory server
This authentication method uses the directory server for user authentication when a user logs in to JP1/DH - Server.
In this authentication method, the passwords of JP1/DH - Server users are managed by the directory server.
Users do not need to update their passwords in JP1/DH - Server because their passwords are managed by the directory server. Users can log in to JP1/DH - Server by using a password shared with another system linked to the directory server for authentication.
- Organization of this subsection
(1) General procedure for authentication
The following figure shows a general procedure for authentication when logging in to JP1/DH - Server by using the authentication linked to directory server.
The description of the figure is as follows:
-
The user user001@jp1dhdomain logs in to JP1/DH - Server.
-
JP1/DH - Server checks that the user user001@jp1dhdomain is registered in the system. If the user is recognized as a user using the authentication linked to directory server, JP1/DH - Server checks authentication information through linkage with directory server.
-
JP1/DH - Server receives the result of the authentication linked to directory server.
-
When the directory server confirms the validity of the authentication information, the user is allowed to log in to the system.
(2) Notes on operation
If you use authentication linked to the directory server, note the following when operating the system.
-
Even when using authentication linked to directory server, you must create users in JP1/DH - Server in advance.
-
Specify the same user IDs managed by directory server when creating users in JP1/DH - Server.
-
When you create a user in JP1/DH - Server, specifying passwords is required as the user information managed by JP1/DH - Server. For this password, you can specify any password because the password is not used in authentication linked to directory server.
Note that you cannot change a password managed by the directory server by changing a password on JP1/DH - Server.
-
The smallest unit for using authentication linked to directory server is a group.
-
A login ID for JP1/DH - Server is user-ID-managed-by-directory-server@domain-name-on-JP1/DH-Server-user-belongs-to.
-
When a user logs in to JP1/DH - Server, the system communicates with directory server. For that reason, it might take a while to log in when there is network traffic.