| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications > User Administration >
Delegated (External) Administration of Users
A delegated administrator is a user of a Siebel customer or partner application whose responsibility provides views that allow the delegated administrator to register and administer other users of that application. Delegated administration is typically implemented in business-to-business relationships.
Delegated administration of users minimizes your internal administrative overhead by moving some of the administrative load to administrators in your customer or partner companies.
User Authentication Requirements
Delegated administration is a default functionality of most Siebel customer and partner applications, but it is available only if you implement ADSI or LDAP security adapter authentication.
Delegated administration cannot be implemented if you use database authentication. If you want to implement delegated administration in a Web SSO authentication environment, you are responsible for configuring the functionality in your external authentication application, in your user directory, and in your security adapter. Such configuration guidelines are not provided in Siebel applications documentation.
Delegated administration requires you configure the ADSI or LDAP security adapter to propagate new and modified user data from the Siebel Database to the user directory.
If you implement an adapter-defined user name in your user authentication environment, then you cannot implement tools that allow Siebel user IDs stored in the directory to be managed from within Siebel applications, including delegated administration of users. For information about user authentication, see User Authentication Overview.
CAUTION: Make sure the application user for your Siebel customer or partner application has write privileges to the user directory. If you do not implement an application user, make sure delegated administrator users of the application have write privileges to the directory. Typically, you do this by assigning write privileges to all users to avoid administering privileges for individual users.
For information about setting up ADSI and LDAP security adapter authentication, see LDAP and ADSI Security Adapter Authentication.
| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |