Security Guide for Siebel eBusiness Applications > Security Adapter Authentication >

Implementing LDAP/ADSI Security Adapter Authentication

This section provides instructions for implementing LDAP/ADSI security adapter authentication.

To provide user access to a Siebel application implementing LDAP/ADSI security adapter or Web SSO authentication, the Siebel application must be able to retrieve the following:

• Credentials to access the database
• The user's Siebel user ID

Task Overview

You must perform the following tasks to set up a typical LDAP/ADSI security adapter authentication architecture:

• Set up a directory from which a database account and a Siebel user ID can be retrieved for each user.
• Configure parameters for the security adapter. You can do this by running the LDAP/ADSI Configuration Utility or by setting Name Server parameters directly using Server Manager.
• Configure parameters to specify which security adapter you are using. You can do this by running the LDAP/ADSI Configuration Utility or by setting Name Server parameters directly using Server Manager.
• Dedicated Web Clients only: Configure security-related parameters in application configuration files.
• Dedicated Web Clients only: Set a security-related system preference.
• Configure security-related parameters in the eapps.cfg file on the SWSE.
• Restart the Siebel Server and the Web server.

The LDAP/ADSI Configuration Utility can modify parameter values on the Name Server. You can also modify Name Server parameters using Siebel Server Manager.

For Dedicated Web Client deployments, the LDAP/ADSI Configuration Utility can modify parameter values in application configuration files, such as uagent.cfg for Siebel Call Center. You can also modify configuration files by editing them manually.

For more information about using the LDAP/ADSI Configuration Utility, see Using the LDAP/ADSI Configuration Utility.

For more information about security-related configuration parameters, see Configuration Parameters Related to Authentication.

Issues for Dedicated and Mobile Web Clients

Special issues apply for authentication for deployments using Siebel Dedicated Web Client or Mobile Web Client:

• For a particular Siebel application, when users connect from the Siebel Dedicated Web Client to the server database, the authentication mechanism must be the same as that used for Siebel Web Client users. This mechanism could be database authentication or a supported external authentication strategy, such as LDAP or ADSI.
• When connecting to the local database from the Mobile Web Client, mobile users must use database authentication. For information about authentication options for local database synchronization, see Siebel Remote and Replication Manager Administration Guide.