Security Guide for Siebel Business Applications > User Administration > Delegated Administration of Users >
User Authentication Requirements for Delegated Administration
Delegated administration is default functionality of most Siebel customer and partner applications, but it is available only if you implement LDAP or ADSI security adapter authentication.
Delegated administration cannot be implemented if you use database authentication. If you want to implement delegated administration in a Web SSO authentication environment, you are responsible for configuring the functionality in your external authentication application, in your user directory, and in your security adapter. Such configuration guidelines are not provided in Siebel Business Applications documentation.
Delegated administration requires you configure the LDAP or ADSI security adapter to propagate new and modified user data from the Siebel Database to the user directory.
If you implement an adapter-defined user name in your user authentication environment, then you cannot implement tools that allow Siebel user IDs stored in the directory to be managed from within Siebel Business Applications, including delegated administration of users. For information about user authentication, see Security Adapter Authentication.
CAUTION: Make sure the application user for your Siebel customer or partner application has write privileges to the user directory.