i4connected Knowledgebase 5.6

Setting up Active Directory Authentication

Abstract

This article describes the procedure of activating Active Directory (Windows) Authentication for the i4connected portal.

This article describes the procedure of activating Active Directory (Windows) Authentication in i4connected portal.

Besides the proprietary user authentication, the i4connected portal also allows users to log in with their Windows credentials. In order to be able to use the Windows user name and password in the i4connected portal, the following setup must be done:

Activate Windows Authentication in Microsoft's Internet Information Services (IIS) Manager.

Make sure that Windows Authentication is enabled for Internet Information Services (IIS) Manager. This option can be found in Windows Features, under the World Wide Web Services > Security node.

Capture241.jpg

If Windows Authentication is not checked, check it and click OK to enable this IIS security feature.

Set the Read/Write delegation for Windows Authentication
  1. Open the Internet Information Services (IIS) Manager and select the server node in the Connections panel.

  2. In the central panel, open the Feature Delegation, located under the Management section.

    Capture237.jpg
  3. By default, the Authentication - Windows feature is set to Read Only. Right-click on it to open the contextual menu and select Read/Write to set the delegation as required.

    Capture245.jpg
Enable Windows Authentication in the Web.config file

Make sure that the <windowsAuthentication> node has the attribute enabled set to true inside the web.config file.

<!-- Enable Mixed Auth -->
<location path="MixedAuth">
  <system.webServer>
    <security>
      <authentication>
        <windowsAuthentication enabled="true" />
      </authentication>
    </security>
  </system.webServer>
</location>

The web.config file is available in the i4connected portal installation folder, inside the Web folder.

Important

When logging in with Windows credentials for the first time, the user account will be automatically created in the i4connected portal. The new user account will have no permissions, thus, the user will not be able to see anything in the portal.

In order to set up the new user account automatically created, an administrator must assign the appropriate permissions and entities to the new user account. Only after the user account setup is completed by an administrator, the user will be able to use the portal.