Security Guide for Siebel Business Applications > User Administration >
Internal Administration of Users
You can provide an employee, a customer, or a partner user with access to one or more Siebel Business Applications by performing the following tasks:
- Provide the user with a method to be authenticated and thus to connect to a database account.
- An internal administrator uses a Siebel employee application, such as Siebel Call Center, to add the user to the Siebel Database.
User Authentication Requirements
Your authentication architecture should be implemented before adding new users. As an ongoing task, you must arrange that each new user can be authenticated at login. The setup and administration that you must perform for each new user depends on the authentication architecture you implement.
For information about user authentication concepts mentioned in the following descriptions, see Security Adapter Authentication.
- Database security adapter authentication. You must enter the user name for a valid database account in the user's user ID field. You must provide the user ID and the password to the database account to the new user.
- LDAP/ADSI security adapter authentication. You can configure your application so that when you create or modify user records in the Siebel Database, the security adapter propagates those changes to the user directory. Therefore, no separate administration of the user directory is required.
NOTE: For a Siebel security adapter to propagate new or modified user data from the Siebel Database to the user directory, the administrator who modifies the database records must log in through the same security adapter.
If you implement an adapter-defined user name in your user authentication environment, then you cannot implement tools that allow users' Siebel user IDs stored in the directory to be managed from within Siebel Business Applications. This includes internal administration of users that provides propagation of a user's Siebel user ID to the directory.
For information about user authentication, see Security Adapter Authentication.
CAUTION: Make sure the application user has write privileges to the user directory. The application user is the only user who create or modifies users in the directory.
- Web SSO authentication. You must maintain corresponding records in the external authentication system, the user directory, and the Siebel Database for each user. If you want to implement a mechanism for synchronizing these records, you must develop the utility independently, and implement it at the Web site level. Configuration guidelines are not provided in Siebel Business Applications documentation. You must provide authentication credentials to the new user.